News Gigabyte Deploys Firmware to Mitigate SMM Callout Privilege Escalation Flaw

mikewinddale

Distinguished
Dec 22, 2016
290
55
18,940
It looks like this flaw only affects APUs, and furthermore, only people who grant physical or administrative access to the system?

I've got a Gigabyte X470 with a Ryzen 7 2700X. The update for me won't be released until later this month. But it seems I don't have to worry, since I don't have an APU? And even if I had an APU, I've got a home desktop, and nobody but me has physical or administrative access. Correct?

Thanks.
 

CerianK

Distinguished
Nov 7, 2008
260
50
18,870
It looks like this flaw only affects APUs, and furthermore, only people who grant physical or administrative access to the system?

I've got a Gigabyte X470 with a Ryzen 7 2700X. The update for me won't be released until later this month. But it seems I don't have to worry, since I don't have an APU? And even if I had an APU, I've got a home desktop, and nobody but me has physical or administrative access. Correct?

Thanks.
You are correct. Always assess your current security, performance and stability situation prior to performing a BIOS update so that you can minimize risk on all fronts. Currently, applying a BIOS update is a reasonably safe process when deemed necessary, but history tells us that was not always the case. However, you may also have to consider how much effort you put into the settings, so that you can replicate that process.
 
Jul 9, 2020
2
0
10
Does this issue really require a microcode update to fix? That's much more significant an issue than an issue with the BIOS code.