Motherboard mishaps undermine trust, security

Robert Lemos, Dark Reading

August 28, 2023

3 Min Read
Motherboard mishaps undermine trust, security

Microsoft’s latest Windows Preview appears to trigger a bug on some motherboards made by computer hardware manufacturer MSI. It’s the latest motherboard misstep revealed in 2023.

In a pair of statements published over the weekend, both Microsoft and MSI said they are aware that installing the latest Windows Preview causes some computers to blue screen with an unsupported-processor error. The update, referred to as KB5029351 Preview, offers new features and other improvements for a variety of Windows 11 components, including the search app as well as the defaults for various apps.

As of Aug. 28, neither Microsoft nor MSI has uncovered the cause of the issue, and neither company returned a request for comment.

“Both MSI and Microsoft are aware of the ‘UNSUPPORTED_PROCESSOR’ error and have begun investigating the root cause,” MSI wrote in its statement. “While the investigation is underway, we recommend that all users temporarily refrain from installing the KB5029351 Preview update in Windows.”

The issue is the latest mishap in a stream of problems that have impacted motherboard makers in the past year. In January, a set of five vulnerabilities in firmware used by baseboard management controllers — remote management chips included on many server motherboards — could have allowed remote access over the Internet. In late May, researchers revealed that a backdoor in hundreds of models of motherboards from Gigabyte, intended to allow easier updating, left computers open to attack. The company patched the issue the next day.

And in March, security firms warned that the BlackLotus malware was targeting the Unified Extensible Firmware Interface (UEFI), which acts as the low-level software glue between the operating system and the motherboard. Bad actors were using it as a way to bypass Microsoft’s Secure Boot. The US Cybersecurity and Infrastructure Security Agency (CISA) reiterated the warning earlier this month, saying that cyber defenders and firmware developers were lagging behind threat groups in their ability to guard against the problems.

“UEFI is essential to most computers,” CISA stated in the call to action. “Based on recent incident responses to UEFI malware such as BlackLotus, the cybersecurity community and UEFI developers appear to still be in learning mode.”

Blue Screens and Imposed Costs

While crashes often herald the existence of vulnerabilities, the MSI motherboard issue likely will not have security implications, just availability concerns, for those impacted companies, says Nate Warfield, director of threat research and intelligence at Eclypsium, a firmware security firm.

“Blue screen of death is, in and of itself, not usually a vulnerability — it’s something that people who are developing exploits will run into,” he says. “So it sounds like there’s some interoperability miss that happened here.”

Motherboards have become a complex ecosystem of technologies, from the Trusted Platform Module (TPM) chips that act as digital lock on the data passing through the chips on the devices, to the UEFI standard that enables the operating system to control low-level devices through drivers.

To read the complete article, visit Dark Reading.

 

About the Author

Subscribe to receive Urgent Communications Newsletters
Catch up on the latest tech, media, and telecoms news from across the critical communications community