Read Time:29 Second
Researchers warn that the UEFI firmware in many motherboards made by PC hardware manufacturer Gigabyte injects executable code inside the Windows kernel in an unsafe way that can be abused by attackers to compromise systems. Sophisticated APT groups are abusing similar implementations in the wild.
“While our ongoing investigation has not confirmed exploitation by a specific threat actor, an active widespread backdoor that is difficult to remove poses a supply chain risk for organizations with Gigabyte systems,” researchers from security firm Eclypsium said in a report.