gigabyte – Page 2 – WindowsTechs.com

Gigabytes the Dust with UEFI Vulnerabilities

Posted on April 4, 2017 by Jack Laidlaw

At this year’s BlackHat Asia security conference, researchers from Cylance disclosed two potentially fatal flaws in the UEFI firmware of Gigabyte BRIX small computers which allow a would-be attacker unfettered low-level access to the computer.

Gigabyte has been working on a fix since the start of 2017. Gigabyte are preparing to release firmware updates as a matter of urgency to only one of the affected models — GB-BSi7H-6500 (firmware vF6), while leaving the — GB-BXi7-5775 (firmware vF2) unpatched as it has reached it’s end of life. We understand that support can’t last forever, but if you sell products with such …read more

Continue reading Gigabytes the Dust with UEFI Vulnerabilities→

VU#507496: GIGABYTE BRIX UEFI firmware fails to implement write protection and is not cryptographically signed

Posted on March 31, 2017 by CERT

GIGABYTE BRIX UEFI firmware for the GB-BSi7H-6500 and GB-BXi7-5775 platforms,versions vF6 and vF2 respectively,fails to properly set the BIOSWE,BLE,SMM_BWP,and PRx bits to enforce write protection. It also is not cryptographically signed. These issues may permit an attacker to write arbitrary code to the platform firmware,potentially allowing for persistent firmware level rootkits or the creation of a permanent denial of service condition in the platform. Continue reading VU#507496: GIGABYTE BRIX UEFI firmware fails to implement write protection and is not cryptographically signed→