BIOS Updates for Recent Security Vulnerabilities in Intel Processors (SA-00329)
CVE-2020-0543, CVE-2020-0548, CVE-2020-0549
Mar 27, 2020
GIGABYTE acknowledges the following security vulnerabilities affecting our server products that have recently been discovered and announced by Intel:
| Security Advisory | Common Vulnerabilities or Exposures (CVE) Code | Severity Rating | Details |
|---|---|---|---|
| Intel SA-00329 Released 01/27/2020 |
CVE-2020-0548 | Low | Cleanup errors in some Intel® Processors may allow an authenticated user to potentially enable information disclosure via local access. |
| CVE-2020-0549 | Medium | Cleanup errors in some data cache evictions for some Intel® Processors may allow an authenticated user to potentially enable information disclosure via local access. | |
| Microsoft Released 01/08/2019 |
CVE-2020-0543 | Important | An elevation of privilege vulnerability exists when Windows improperly handles authentication requests, aka "Microsoft Windows Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. |
Intel has released microcode updates to help address these security vulnerabilities. GIGABYTE has combined the new microcode into BIOS updates for our server motherboards, server systems and workstations which use these affected processors. Please find the following affected products and their BIOS update availability.
| Affected Intel CPU Platform | Affected GIGABYTE Server Products | BIOS Update Schedule & Version |
|---|---|---|
| Intel Xeon E3-1200 V5/V6 (Greenlow / Greenlow Refresh) |
Server Motherboards, R-Series Server, G-Series Server, W131-X30 | Available |
| Intel Xeon W (Skylake W – Basin Falls/Gracier Falls) |
Server Motherboards, W281-G40 | Available |
| Intel Xeon D-2100 (Skylake D - Bakerville) |
MB51-PS0 | Available |
| Intel Xeon E-2100 / E-2200 (Mehlow / Mehlow Refresh) |
Server Motherboards | Available |
| Intel Xeon Scalable Platinum & Gold (Skylake) |
Server Motherboards, Rack Server, HPC System, Hyper-Converged System, Storage Server | Available |
Please navigate to the "Support" section of the relevant product page to download the updated BIOS.
For any further assistance regarding this issue please contact your GIGABYTE sales representative, or create a new support ticket at https://esupport.gigabyte.com
