Gigabyte was quick to respond to a report from research firm Eclysium, which discovered a major vulnerability in Gigabyte’s UEFI motherboard firmware. The manufacturer has released a beta version of new software for its boards that reduces potential security risks.
The list of affected Gigabyte motherboards is quite impressive and includes more than 250 models based on Intel 400, 500, 600 and 700 series chipsets as well as AMD 400, 500 and 600 series chipsets. For some motherboards, you can already download the new firmware from the official Gigabyte website.
Unfortunately, Gigabyte did not provide detailed information about the new firmware. However, according to the manufacturer, the new version of UEFI uses increased security measures when starting the PC. The company points out that the new protection mechanisms are aimed at detecting and preventing malicious actions during the PC boot process.
The company has also made significant changes to the remote servers from which the firmware is downloaded. In particular, the signature verification process for files from remote servers has been improved. The new security mechanism checks the integrity of files more thoroughly to prevent would-be cybercriminals from intercepting the boot process and injecting their own PC motherboard BIOS code there.
In addition, Gigabyte has included cryptographic verification of certificates for remote servers in the BIOS standard. She is responsible for various access rights. This function was previously deactivated by default in the BIOS. Why is unknown.
Intel 600 and 700 series and AMD 400 and 600 series motherboard owners will be the first to receive the updated firmware. A little later, the company will release software updates for motherboards based on the Intel 500 and 400 series chipsets, as well as the AMD 600 series. They will also be available on the official Gigabyte website on their respective product pages.