Security Vulnerabilities
Image: GIGABYTE

Asus and Gigabyte have announced to release new BIOS update to address the recent Microarchitectural Data Sampling (MDS) security vulnerabilities found by Intel’s internal researchers and partners in Intel Processors. This is a new sub-class of speculative execution side-channel vulnerabilities found in Intel CPUs, called Microarchitectural Data Sampling (MDS), also known as ZombieLoad, RIDL, and Fallout that may allow information disclosure.

According to the Asus BIOS update page, Intel states that selected 8th and 9th Generation Intel Core processors, as well as the 2nd Generation Intel Xeon Scalable processor family, are not vulnerable to MDS. If you are using one of these processors, no further action is necessary.

For other Intel processors, ASUS says that it’s working closely with Intel to provide a solution in a forthcoming BIOS update. Asus also recommends owners of affected products update both the BIOS and operating system as soon as these mitigations are available. Asus has also released the full list of affected products which will be getting the latest BIOS update, you can find first-wave of the models and other details here.

On the other hand, Gigabyte has also provided details on the possible security vulnerabilities affecting its server products. Gigabyte has also released the BIOS update schedule which will start rolling out from June 3 to June 10. You can find the full BIOS update schedule date here.

Gigabyte advises, to navigate to the “Support” section of the relevant product page to download the updated BIOS when it becomes available.

It also says that ”Intel has released microcode updates to help address these security vulnerabilities. GIGABYTE is working to combine the new microcode into BIOS updates for our server motherboards and systems which use these affected processors.”

Source: (12)