Info OhOh - "Gigabyte shipped hundreds of models of motherboards with a hidden firmware backdoor"

CeltPC

Honorable
Jun 8, 2017
75
55
10,610
According to TECHSPOT, "The hidden backdoor could allow hackers to install malware on a system.". Here is the article:

https://www.techspot.com/news/98897...ls-motherboards-hidden-firmware-backdoor.html

The most disturbing part to me is that "At the end of the day, they are still using a hidden mechanism to silently download and install code from the Internet without your knowledge or consent.". Not an expert on this, but seems to be a pretty poor choice by Gigabyte.
 
According to TECHSPOT, "The hidden backdoor could allow hackers to install malware on a system.". Here is the article:

https://www.techspot.com/news/98897...ls-motherboards-hidden-firmware-backdoor.html

The most disturbing part to me is that "At the end of the day, they are still using a hidden mechanism to silently download and install code from the Internet without your knowledge or consent.". Not an expert on this, but seems to be a pretty poor choice by Gigabyte.
Gigabyte's not alone, Asus does it too. Gigabyte might be worse in the insecure way they retrieve files from the servers since as I understand there's no cryptographic digital signature checking but there wasn't any information about that on Asus in the TH article I read. Both are irresponsible practices that should be banned.

I would like to know if it could be prevented by the OS in any way. If so, Microsoft should implement a blocking mechanism for the purpose. Even if it has to be enabled or can be disabled by the administrator, just make it something you don't have to use GPEdit to use.

And separately...I would have to think corporate and government users would be especially incensed by this if their systems are "phoning home" at every bootup.
 
Last edited:
Jun 2, 2023
1
0
10
Gigabyte just posted Firmware version F5e with instructions to use Efiflash.exe included in the Firmware Archive. The only problem is that EfiFlash.exe refuses to run on Windows 11. Not Gigabyte's finest hour.
 
Gigabyte just posted Firmware version F5e with instructions to use Efiflash.exe included in the Firmware Archive. The only problem is that EfiFlash.exe refuses to run on Windows 11. Not Gigabyte's finest hour.
I'm just guessing...but does EFIFlash have to run in UEFI? I've not tried on my Gigabyte board, but if I spam the F8 key on the Asus board I'd get a boot menu; one choice was to boot into a UEFI command session (no Windows). You could then access the USB drive and execute the EFIFlash routine to update BIOS.

Personally, I think I'd try updating using QFlash anyway.
 
Last edited:
An update:

Sounds like it still downloads the service and app but does it more securely. I don't want it able to download and install anything without my express opt-in.

BTW...what I discovered is it downloads an "updater" service and installs it so long as the BIOS setting is left enabled; I imagine that's what asks if you want to install the app. Did it on my Asus board too. If this updater gets installed it does not disable as it re-enables itself at every startup even with the BIOS setting disabled. I had to completly delete the services (SC tool in command prompt) in each case.
 
Last edited: