BIOS Updates for Recent Security Vulnerabilities in Intel Processors (SA-00329)

CVE-2020-0543, CVE-2020-0548, CVE-2020-0549
2020/03/27

GIGABYTE acknowledges the following security vulnerabilities affecting our server products that have recently been discovered and announced by Intel:

Security AdvisoryCommon Vulnerabilities or Exposures (CVE) CodeSeverity RatingDetails
Intel SA-00329
Released
01/27/2020
CVE-2020-0548 Low Cleanup errors in some Intel® Processors may allow an authenticated user to potentially enable information disclosure via local access.
CVE-2020-0549 Medium Cleanup errors in some data cache evictions for some Intel® Processors may allow an authenticated user to potentially enable information disclosure via local access.
Microsoft
Released
01/08/2019
CVE-2020-0543 Important An elevation of privilege vulnerability exists when Windows improperly handles authentication requests, aka "Microsoft Windows Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.

Intel has released microcode updates to help address these security vulnerabilities. GIGABYTE has combined the new microcode into BIOS updates for our server motherboards, server systems and workstations which use these affected processors. Please find the following affected products and their BIOS update availability.

Affected Intel CPU PlatformAffected GIGABYTE Server ProductsBIOS Update Schedule & Version
Intel Xeon E3-1200 V5/V6
(Greenlow / Greenlow Refresh)
Server Motherboards, R-Series Server, G-Series Server, W131-X30 Available
Intel Xeon W
(Skylake W – Basin Falls/Gracier Falls)
Server Motherboards, W281-G40 Available
Intel Xeon D-2100
(Skylake D - Bakerville)
MB51-PS0 Available
Intel Xeon E-2100 / E-2200
(Mehlow / Mehlow Refresh)
Server Motherboards Available
Intel Xeon Scalable Platinum & Gold
(Skylake)
Server Motherboards, Rack Server, HPC System, Hyper-Converged System, Storage Server Available

Please navigate to the "Support" section of the relevant product page to download the updated BIOS.

For any further assistance regarding this issue please contact your GIGABYTE sales representative, or create a new support ticket at https://esupport.gigabyte.com