Researcher finds UEfi code with vulnerability on Gigabyte motherboards

The UEFI code vulnerability that a researcher found in the driver of Lenovo ThinkPad laptops is also found in the UEFI code of many Gigabyte motherboards. These are motherboards with chipsets for Sandy Bridge to Broadwell processors.

Security researcher Alex James struck the vulnerability affects the Gigabyte motherboards Z68-UD3H, Z77X-UD5H, Z87MX-D3H, and Z97-D3H. This means that motherboards with chipsets for Intel’s Sandy Bridge up to and including Broadwell are affected and James concludes that many more motherboards are vulnerable. Also, the guid of Gigabyte’s eufi driver is different from that of the driver of the ThinkPads and the HP laptop that previously appeared to be vulnerable.

In addition to the motherboards is another laptop found it which has a vulnerable driver: the Fujitsu Lifebook A574/H. Presumably, more systems will be found in the near future that are susceptible to the exploit that security researcher Dmytro Oleksiuk published earlier this month.

It initially appeared to be code for the SmmRuntimeManagementCallback() function that Intel distributed for its 8 Series chipset, but the problem now appears to be more extensive. Through the leak, a system can be taken over and deep security layers can be circumvented. According to the discoverer of the zero-day leak, there is little chance that malicious people will actually abuse the exploit.

Update: Tweaker Vipeax discovered that the uefi driver of the Gigabyte GA-Z77X-UP7 is also vulnerable.