[Hardware] Gigabyte shows its face and corrects the vulnerability of its motherboards

[#Steeven.™]

Just over 24 hours ago we announced a serious error on the part of the Gigabyte company. A bug in its latest firmware update left a major security gap in many board models.

Today it seems that they recognize their mistake and launch a readjustment so that all affected users can do it as soon as possible and thus avoid security problems.

 

BIOS update
If you have a Gigabyte board, it is more than likely that you have been affected, so it is very interesting that you take into account what the company has launched a few hours ago to heal you.

This update consists of a BIOS update that improves the signature verification process. It is not a permanent solution, but the company recommends doing it to avoid any unnecessary risk as much as possible, since they guarantee that the validation process for downloaded software and files is more secure, and installing something that compromises our files would be a more difficult task. Therefore, although the gap is still there, the temporary barrier that Gigabyte offers us can save us from some scare.

As a second change, they have activated cryptographic verification, which consists of making sure that all downloaded files come from verified servers, certified and considered safe.

The update also covers motherboards that were not affected by the problem such as the Intel 500/400 and AMD 600 series. We assume that they were afraid that another door would be found that would open more models and preferred to cover their backs.

Therefore, with these two changes, the peace of mind that they offer us is somewhat greater than what we could have yesterday where there was no type of solution from them and we were sold waiting for such news.

That doesn't change that the bug is very serious and hopefully they keep that in mind for future changes, where we will see updates tested and proven in a much more robust way.

They also recommend putting a password to access the BIOS settings, something quite simple, which is not a major problem for us and which closes the door to unwanted activities.

On the other hand, Eclypsium, the company that revealed the error, has also added that the previous version (with the error) automatically connected to 3 websites from which it downloaded software without our permission, these would be:

• http://mb.download.gigabyte.com/FileList/Swhttp/LiveUpdate4
• https://mb.download.gigabyte.com/FileList/Swhttp/LiveUpdate4
• https://software-nas/Swhttp/LiveUpdate4

Because of that, they recommend accessing the motherboard and from the firewall disable the "APP Center Download & Install". What will ensure that these types of actions are not carried out automatically, and we have to manually decide what we want to download and, above all, update.

With all these changes and advice we hope that no user has been affected by this vulnerability and that everything has been a little scared. Of course, we will have to be aware of all the updates that come to us from now on if we have one of the affected boards. It's not going to happen to them again.

 

https://hardzone.es/noticias/componentes/gigabyte-parche-vulnerabilidad/