News Gigabyte Rolls Out Firmware Up to Mend Firmware Backdoor

[Admin]

New firmware to mitigate the recently discovered backdoor in over 250 Gigabyte AMD and Intel motherboard models is now available for download.

Gigabyte Rolls Out Firmware Up to Mend Firmware Backdoor : Read more

 

[Deleted member 2731765]

Hiding malicious programs in a computer’s UEFI firmware has become a cunning trick lately in the toolkit of stealthy hackers.

But when a motherboard vendor installs its own hidden backdoor in the firmware of millions of systems, and doesn’t even put a proper lock on that hidden back entrance, then they’re practically doing hackers’ work for them.

 

[peachpuff]

But when a motherboard vendor installs its own hidden backdoor

Its an updater not a backdoor.

 

[toffty]

Its an updater not a backdoor.

If we're being super pedantic, you're correct.
If we're talking about the end result, this updater is a backdoor with a rusty pad lock on it.

 

[helper800]

Its an updater not a backdoor.

Too-may-toe, too-mah-toe.

 

[Alvar "Miles" Udell]

Considering AMD boards do not have the best track record with hurriedly released beta bios, I think I'll wait until it's properly tested and just leave the useless Gigabyte App Center option disabled, as it should be anyway.

 

[peachpuff]

If we're being super pedantic, you're correct.
If we're talking about the end result, this updater is a backdoor with a rusty pad lock on it.

Let me know when you can get past that rusty padlock, i'll wait.

 

[toffty]

Let me know when you can get past that rusty padlock, i'll wait.

The article itself already listed easy-to-setup ways to break that lock
Heck you can do it right now with your router if you'd like and hijack yourself! Just edit the routing table.

 

[setx]

Let me know when you can get past that rusty padlock, i'll wait.

And why should he tell you? This information can be sold for serious money.
One firm being responsible with alerting public doesn't mean others would follow. That is the main problem with such vendor backdoors.

Also very annoying for such "features" is that they automatically turn on after each BIOS update, you can't just once disable it and forget.

 

[Psiboy69]

New firmware to mitigate the recently discovered backdoor in over 250 Gigabyte AMD and Intel motherboard models is now available for download.

Gigabyte Rolls Out Firmware Up to Mend Firmware Backdoor : Read more

I own 2 x b550 gigabyte boards no update yet, neither of which have the option in the bios to turn of the updater. So maybe chrck all the boards pages before parotting Gigabyte's lies! (Aorus master and Aorus Pro ax) I also have the Aorus x570s Aorus Pro AX which already had the option to disable the updater in the bios (which I'd already done) but they have rushed out a bios for that one! Probably removes the ability to turn it off so they can stick it where the sun don't shine!

 

[SpeedracerXT]

Odd, can't flash the new BIOS on my AORUS Z590 Master - 'BIOS ID check error' every time.

 

[Minsikau]

Wrong bios then! Ore try the insert bios usb in the rear (one special bios update socket, and then do a system hard reset and should pickup and load the new bios (providing it is for the right motherboard of course or it will fail still)

 

[The Beav]

Hiding malicious programs in a computer’s UEFI firmware has become a cunning trick lately in the toolkit of stealthy hackers.

But when a motherboard vendor installs its own hidden backdoor in the firmware of millions of systems, and doesn’t even put a proper lock on that hidden back entrance, then they’re practically doing hackers’ work for them.

It was never hidden, it was an option in the bios, simply disabling it made it 100% ineffective.

 

[Psiboy69]

It was never hidden, it was an option in the bios, simply disabling it made it 100% ineffective.

Ah NO, a number of boards never had and still don't have options to turn it off. 2 of my 3 gigabyte boards. The x570 has always had the option the 2 B550 variants still don't despite running latest bios