cross-posted from: https://feddit.de/post/721048

“While Eclypsium says the hidden code is meant to be an innocuous tool to keep the motherboard’s firmware updated, researchers found that it’s implemented insecurely, potentially allowing the mechanism to be hijacked and used to install malware instead of Gigabyte’s intended program.”

  • Solstice@lemmy.one
    link
    fedilink
    English
    arrow-up
    1
    ·
    edit-2
    2 years ago

    Disable it using registry edit:

    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager]
    "DisableWpbtExecution"=dword:00000001
    
    • NoxiousPluK
      link
      fedilink
      English
      arrow-up
      4
      ·
      edit-2
      2 years ago

      Microcontrollers can perfectly fine initiate connections and download stuff, and there’s plenty of those on a motherboard. I’m not sure if that’s also the case/flow here, but it could technically be.

      Edit: Many modern UEFI BIOS’s can also initiate connections and check for updates themselves.