Researchers at Binarly and Carnegie Mellon University disclosed four deep firmware issues to Gigabyte back in April, which could allow attackers to bypass Secure Boot on hundreds of Gigabyte motherboard models. These compromised versions of the Unified Extensible Firmware Interface (UEFI, also sometimes called by the outdated term BIOS) can be used to run code in a pre-boot environment, essentially compromising the computer long before Windows or another operating system boots.
According to BleepingComputer, about 240 Gigabyte motherboard models with Intel chipsets use the American Megatrends parts affected by this firmware, plus tons of devices from other manufacturers that aren't currently disclosed. Gigabyte already patched the issue on some affected motherboards via the June BIOS update. But given the age of these PCs, many of them are out of service, meaning they're not scheduled to ever get UEFI/BIOS updates to fix the problem. That is… a problem.
|
