Critical Firmware Vulnerability in Gigabyte Systems Exposes ~7 Million Devices

Wed, 31 May 2023 18:52:00 Dan gigabyte , vulnerability

Cybersecurity researchers have found "backdoor-like behavior" within Gigabyte systems, which they say enables the UEFI firmware of the devices to drop a Windows executable and retrieve updates in an unsecure format.

Firmware security firm Eclypsium said it first detected the anomaly in April 2023. Gigabyte has since acknowledged and addressed the issue.

"Most Gigabyte firmware includes a Windows Native Binary executable embedded inside of the UEFI firmware," John Loucaides, senior vice president of strategy at Eclypsium, told The Hacker News.

More at https://thehackernews.com/2023/05/critical-firmware-vulnerability-in.html

About the author

Dan

I'm a long-time user and enthusiast of open source software and espouse the philosophy that software code should be open (readable). So that everyone can see what happens behind the scenes while we use our electronic devices every day.