According to Gigabyte, that code is now cryptographically signed and verified, "thwarting any attempts by attackers to insert malicious code," and the server they're downloaded from is also authenticated with a cryptographic certificate.
But a day after Eclypsium revealed the firmware issue, Gigabyte announced updates to its firmware with "enhanced verification" of the code its updater program downloads to machines that use its motherboards. Gigabyte did not respond to WIRED’s multiple requests for comment regarding Eclypsium’s findings.
0 kommentar(er)
