"GIGABYTE Releases New Firmware to Fix Recently Disclosed Security Flaws"

GIGABYTE has issued firmware updates to address security vulnerabilities in more than 270 motherboards that could be used to install malware. The firmware updates were released in response to a report by the hardware security company Eclypsium, which discovered flaws in a legitimate GIGABYTE feature used to install a software auto-update application in Windows. Windows has a feature called Windows Platform Binary Table (WPBT) that enables firmware developers to automatically extract an executable from the firmware image and execute it in the operating system. However, Eclypsium researchers found security flaws in the WPBT process that attackers could exploit to deliver malware in man-in-the-middle (MiTM) attacks. This article continues to discuss GIGABYTE's release of firmware updates to fix security vulnerabilities in over 270 motherboards.

Bleeping Computer reports "GIGABYTE Releases New Firmware to Fix Recently Disclosed Security Flaws"