According to a study conducted by Eclypsium, a company specializing in cybersecurity, there would potentially be million motherboards brand Gigabytes spread all over the world and equipped with a dangerous backdoor built into the firmwareespecially those of the Gigabyte brand.
The Taiwanese company has in fact inserted a system by default on its motherboards, within the UEFI firmware, for start an updater automatically every time you start your PC, which should automatically allow other software to download and run. The explanation is simply the fact of carrying out automatic updates of the system software, in order to automatically keep the hardware components updated, but this solution can be open to very unlawful uses.
In fact, second Eclypsium, it is a real backdoor opened in millions of pieces of hardware sold on the market, which could allow hackers easy access to unsuspecting users’ PCs. Moreover, since it is software that concerns the motherboard firmware, therefore external to the operating system itself, it can be difficult for users to reach and understand.
Eclypsium research has listed 271 Gigabyte motherboard models that contain this issue, visible in the post on official blog of the company. According to reports, the inclusion of the auto-updater in the firmware of the motherboards would have been done without resorting to adequate security systems, which would expose the system to illegal use.
With such a flaw, it could become easy for hackers to introduce malware and the like into users’ computers by doing run third-party software: it seems in fact that the system downloads code onto the machine without first carrying out an effective authentication procedure, in some cases even through an unsecured HTTP connection. In other cases, the mechanism could allow downloading from a NAS, while also offering different possibilities to access the computers.
Gigabyte responded to Eclypsium by reporting that it will fix the problem, probably through an update, although the issue has been ongoing for some time and has only now been discovered.
As reported on the Reddit page opened on the subject, i Potentially vulnerable PCs are those that have the “APP Center Download & Install” option enabled on UEFI/BIOS, in Advanced Mode -> Settings ->IO Ports ->Gigabyte Utilities Downloader Configuration, therefore it is advisable to disable it if necessary.
#Gigabyte #Millions #motherboards #security #flaw #firmware