New Gigabyte BIOS updates for motherboard backdoor removal issued

Gigabyte has released BIOS updates aimed at removing a firmware backdoor discovered by Eclypsium in over 270 of its motherboard models, which could have been exploited to facilitate the deployment of a Windows binary that would then prompt payload retrieval and execution, SecurityWeek reports. Aside from addressing reported download assistant flaws, the updates also feature more robust verification for files downloaded from remote servers and standard remote server certificate verification, which would prevent malicious code injections during the booting process, as well as ensure that downloaded files are from secure servers. "Gigabyte engineers have already mitigated potential risks and uploaded the Intel 700/600 and AMD 500/400 series Beta BIOS to the official website after conducting thorough testing and validation of the new BIOS on Gigabyte motherboards," said Gigabyte, which has also released updates for Intel 500/400 and AMD 600 series chipset motherboards, as well as older motherboard models.