Millions of PC Motherboards Were Sold With a Firmware Backdoor
www.wired.com
Hidden code in hundreds of models of Gigabyte motherboards invisibly and insecurely downloads programs—a feature ripe for abuse, researchers say.

cross-posted from: https://feddit.de/post/721048

“While Eclypsium says the hidden code is meant to be an innocuous tool to keep the motherboard’s firmware updated, researchers found that it’s implemented insecurely, potentially allowing the mechanism to be hijacked and used to install malware instead of Gigabyte’s intended program.”

  • Solstice@lemmy.oneEnglish
    1·
    1 year ago

    Disable it using registry edit:

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager]
"DisableWpbtExecution"=dword:00000001
    • NoxiousPluK@lemmy.blahaj.zoneEnglish
      4·
      1 year ago

      Microcontrollers can perfectly fine initiate connections and download stuff, and there’s plenty of those on a motherboard. I’m not sure if that’s also the case/flow here, but it could technically be.

      Edit: Many modern UEFI BIOS’s can also initiate connections and check for updates themselves.