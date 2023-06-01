Intentional Backdoor On Gigabyte Motherboards Poses Major Security Risks To Users

In a startling discovery, noted cybersecurity firm Eclypsium has detected a major security flaw with motherboards made by Taiwanese computer hardware maker Gigabyte Technology. In a blog post detailing the issue, Eclypsium revealed that the security flaw with Gigabyte-made motherboards was found within the firmware. While there is no known case of someone using this vulnerability to cause intentional damage, the fact that it affects the motherboard's auto-update functionality is a major cause for concern. Eclyspium describes the vulnerability as a backdoor that is found on several Gigabyte motherboards, escaping detection for years.

Evidently, the issue lies with Gigabyte's flawed updater program which is a part of the motherboard's firmware. It is triggered when the motherboard attempts to connect to Gigabyte servers to look for new software versions. Essentially, the updater program within the firmware pings three different websites for the updated version of the firmware. One of these websites within the Gigabyte subdomain did not even have an SSL certificate and was left entirely unsecured, according to the researchers. In the case of the other two links — while they did have valid security certificates — Gigabyte allegedly did not have the correct implementation for remote server certificate validation.

The irony here is that firmware updates are typically used to fix vulnerabilities and security threats. In this instance, however, the manner in which the company implemented the firmware update protocol itself is being called into question. Gigabyte's approach not only negated the advantages of firmware updates but also potentially exposed millions of Gigabyte consumers to serious security threats. If that wasn't enough, Eclypsium also claims that the updater executed various codes without proper user authentication.