Yet another motherboard manufacturer seems to be in trouble — or rather, the people who own those motherboards might be. According to security researchers, countless Gigabyte boards might be vulnerable to dangerous cyberattacks.
If you want to be extra safe, there are a couple of things you can do to protect your PC. Here’s what we know.
According to a report published by security company Eclypsium, many Gigabyte motherboards are at risk. Eclypsium published a full list of the models that are affected by the vulnerability, and that list alone encompasses over 270 different entries. That means that if you own a Gigabyte board, chances are that you’re affected by this too. Both AMD and Intel platforms might be compromised.
To give you a quick recap on what’s going on, Eclypsium has found a vulnerability within the firmware of those Gigabyte motherboards. Gigabyte’s own software automatically updates the firmware without further prompts, and because of that, it opens the door to potential attacks.
The list of risks is huge, but individual users are in less danger than organizations that run multiple computers equipped with Gigabyte boards. This is because the attacker would have to be using the same network as you in order to divert the software updater to download a harmful payload instead of a new firmware update. Still, this could be dangerous and awfully difficult to get rid of. To make matters worse, out of the three possible download locations for Gigabyte’s firmware, one of them is only using a plain HTTP address instead of HTTPS, further lowering the security of the downloading process.
While this is a quite sophisticated and situational hack, if a threat actor or hacker group manages to carry out the attack, the consequences could be disastrous. Let’s go over them quickly.
For one, hackers could exploit vulnerable software built into a computer’s firmware in order to pose as a legitimate feature. From there, they could gain full access to the affected PC and network. UEFI rootkits and implants, which are a type of malware, also pose a great threat because they’re executed before your system even starts up. As such, not even reinstalling the operating system and wiping your drives clean would be enough to get rid of them.
Perhaps the worst thing of all is that the firmware download occurs during system start-up, so you’d likely be none the wiser until it would be too late. Eclypsium goes into a lot of detail in its report as to what the dangers of this vulnerability are, so make sure to read it here if you’re interested.
How to protect yourself
Gigabyte is working with Eclypsium in order to fix this issue. The company released an official statement, saying that its engineers have already addressed the potential risks in the latest beta version of the BIOS. This means that owners of Intel 700/600 or AMD 500/400 boards could go ahead and download the update and stay safe, but using a beta version of the BIOS comes with some risks of its own. It’s unclear whether using it would affect the board warranty at this point.
Fortunately, Eclypsium has also provided a couple of fixes that can tide you over until Gigabyte clears everything up. You’ll first have to enter the BIOS. This is most commonly done by tapping the F2 or Del key over and over during the time when your PC is starting up, but if that doesn’t work, check out our guide on how to use the BIOS to see if there are any other keys you might need to mash here.
Once you’re on the options screen, navigate to the App Center Download & Install feature and disable it. This turns off automatic updates. We also recommend setting a BIOS password to add an extra layer of security.
Motherboards, in general, have had their share of troubles lately. As Gigabyte is battling this problem, Asus also finds itself in the crossfire following a huge AMD Ryzen 7000 controversy. Instead of a cybersecurity threat, users with Asus boards have found their PCs at risk of burning up.
