Announcement

Collapse
No announcement yet.

New warning shows up on gigabyte bios downloads after a month

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
  • #1

    New warning shows up on gigabyte bios downloads after a month

    This was not present and it appeared three days ago. No extra information provided.
    It showed up on many other motherboards:
    https://www.gigabyte.com/Motherboard...upport-dl-bios

    Code:
    Major vulnerabilities updates, customers are strongly encouraged to update to this release at the earliest.
Credits to "Assaf Carlsbad and Itai Liba from SentinelOne"
• Introduce capsule BIOS support starting this version.


1* Checksum : 8946
2* Update AGESA ComboV2 1.2.0.4 A
3* Change default status of AMD PSP fTPM to Enabled for addressing basic Windows 11 requirements https://support.microsoft.com/windows/1fd5a332-360d-4f46-a1e7-ae6b0c90645c
    The original description that remained for almost two months only listed the numbered lines from above. The checksum is the same and didn't change since the original publish date, but the warnings are new.

    Does anyone have any more information?
    Last edited by dc740; 02 December 2021, 10:33 AM.
    Tags: None
  • #2
    Probably that TPM option was turned on by default. Makes installing/upgrading to Win11 easier for those less tech savvy. Especially for those who want to upgrade straight from Win10.

    Remember reading about it somewhere some weeks a go, anyway. My 2 cents.
    Last edited by aht0; 02 December 2021, 09:22 PM. Reason: typo

    Comment

    • #3
      Hi, thanks for replying! Let me clarify.
      TPM notice was present on the first release back in October, and yes, they just enabled it by default for win 11. The message I'm referencing that appeared a few days ago out of the blue is this one:

      Code:
      Major vulnerabilities updates, customers are strongly encouraged to update to this release at the earliest. Credits to "Assaf Carlsbad and Itai Liba from SentinelOne" • Introduce capsule BIOS support starting this version.
      The binary file is the same, so it looks like some kind of "safe disclosure". I was hoping someone else had more information on the major vulnerability that was patched.

      Comment

      • #4
        What is the exact model of your board? I'm getting interested

        Comment

        • #5
          Mine is a B450 AORUS PRO (rev. 1.0)

          But it seems it's the same for newer chipsets:
          https://www.reddit.com/r/AMDHelp/com...fix_for_major/

          Here is another example:
          https://www.gigabyte.com/us/Motherbo...upport-dl-bios


          The security researchers are the same that reported some Intel vulnerabilities too:
          https://www.bankinfosecurity.com/int...-flaws-a-17932

          Intriguing indeed.

          EDIT:
          other people has also noticed that the information was added just a few days ago. Google returned a couple of posts like these ones:
          Is Gigabyte only vendor security aware?
          https://www.techpowerup.com/forums/threads/is-gigabyte-only-vendor-security-aware.289522/
          Just got wind of this today. Checked for bios updates on my Gigabyte Z590 board & there is a bios update that addresses this among other measures; ... 2. Major vulnerabilities updates, customers are strongly encouraged to update to this release at the earliest. Credits to "Assaf Carlsbad and...

          https://forum.gigabyte.us/thread/13573/aorus-xtreme-major-vulnerabilities-updates


          Looking for the exact update string reveals the notice has been added to boards with old (...360) and new (...590) chipsets alike.
          Last edited by dc740; 03 December 2021, 09:27 AM.

          Comment

          • #6
            Im just confused on what capsule bios support is.

            Comment

            • #7
              My one board (B450 Aorus-M) shows last bios being 62D, released back in Oct 13.
              Changelog:
              • Major vulnerabilities updates, customers are strongly encouraged to update to this release at the earliest.
              Credits to "Assaf Carlsbad and Itai Liba from SentinelOne"
              • Introduce capsule BIOS support starting this version.
              1. Checksum : 09DE
              2. Update AGESA ComboV2 1.2.0.4 A
              3. Change default status of AMD PSP fTPM to Enabled for addressing basic Windows 11 requirements (https://support.microsoft.com/window...7-ae6b0c90645c)
              Second rig has Asus ROG B450i Strix, latest bios changelog
              Version 4602
              2021/09/10 10.97 MBytes

              ROG STRIX B450-I GAMING BIOS 4602
              "1. Update AMD AM4 AGESA V2 PI 1.2.0.3 Patch C
              2.Improve system performance"

              So Asus doesn't have any mention of this "vulnerability" and Gigabyte's is crediting SentinelOne for finding something? Something specific to Gigabyte?

              Comment

              • #8
                I'm running an X299-Designare EX & am wondering if there have been any reported problems with the Capsule BIOS & Linux installs? I have enough problems with needing to "restore" my UEFI after a BIOS update as it is.

                Comment

                • #9
                  As everything else whose already answered hire is documentation about capsule BIOS and it actually sounds useful (ability to exchange settings with OS).
                  Redirect Notice
                  https://www.google.com/url?sa=t&source=web&rct=j&url=https://uefi.org/sites/default/files/resources/10_Zach_AMI_capsule%2520configurations.pdf&ved=2ahUKEwiQrN-T6Nz1AhXlwAIHHXgXBR8QFnoECC8QAQ&usg=AOvVaw3UQfL5b3hxEloNye_fuvrl

                  Comment

                  • #10
                    Yes, it does sound useful. AFAIK it is also what fwupd uses (but please, double check. I didn't research a lot)

                    Comment

                    Previous template Next
                    Working...
                    X