GIGABYTE Issues BIOS Update to Fix Intel Manageability Firmware Vulnerability

GIGABYTE is rolling out new BIOS updates addressing the security advisory from Intel. This security advisory issued in May, concerns the manageability firmware vulnerability that allows elevated access to potential attackers. For example, the vulnerability could enable a network attacker to remotely gain access to business PCs.

Intel devices that utilize Intel Active Management Technology (AMT), Standard Manageability (ISM), or Small Business Technology (SBT) are affected. This includes those with business line chipsets:

• Q270
• Q170
• B250
• X170
• X150
• B150

Furthermore, even older generation Q87, Q85, and B85 chipset mainboards are also vulnerable.

There are some exceptions. This exploit does not include Intel-based consumer PCs with consumer firmware, for instance. Intel servers utilizing Intel Server Platform Services (Intel SPS), or Intel Xeon Processor E3 are exempt. Additionally, Intel Xeon Processor E5 workstations utilizing Intel SPS firmware are safe.

For those not on a GIGABYTE product, Intel has detection and mitigation guides available instead. This should help while they wait for official BIOS fixes from their manufacturer.

GIGBAYE BIOS Update for Affected Products

GIGABYTE provides the following product-specific BIOS update for their affected products. Moreover, the company will also issue fixes for older Q87, Q85, and B85 chipset mainboards soon.

The fimrware fix application is done through regular BIOS update installation. As a matter of fact, GIGABYTE has a built-in flash utility for convenient installation within the UEFI.

Download updates available:

• GA-Q270M-D3H
• GA-Q170M-D3H
• GA-Q170M-MK
• GA-X170-WS ECC