82
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
this post was submitted on 20 Jul 2025
82 points (100.0% liked)
Linux
8531 readers
541 users here now
A community for everything relating to the GNU/Linux operating system (except the memes!)
Also, check out:
Original icon base courtesy of lewing@isc.tamu.edu and The GIMP
founded 2 years ago
MODERATORS
I know Ill get flak for this, but you shouldn't be using end-of-life hardware, including motherboards. Once the vendor stops providing firmware updates, its time to look at replacing that hardware. It doesn't matter what operating system you use, if there are hardware vulnerabilities, then your OS isn't able to properly protect you.
If your hardware is still supported, you should regularly be updating the firmware.
This implies a world in which motherboard vendors actually regularly publish updates for their boards, or publish information about a board being officially end-of-life, which, for many consumer boards, just isn't the case.
Some vendors still have a red flag on their support page discouraging uefi updates unless you're actively experiencing problems.
I dont know which vendor you are referring to, but that is a horrible practice. There should be active support and release notes stating that "This release is a security fix" at a bare minimum. If your motherboard manufacturer does not offer that, then I could never recommend them to someone. They need to be held to a higher standard.
At least from my experience, ASUS, Dell, and Apple will publish that information.
From https://www.gigabyte.com/Motherboard/GA-AX370M-Gaming-3-rev-1x/support#support-dl-bios (manual contains the same, plus a recommendation to keep the default settings):
" Warning: Because BIOS flashing is potentially risky, if you do not encounter problems using the current version of BIOS, it is recommended that you not flash the BIOS. To flash the BIOS, do it with caution. Inadequate BIOS flashing may result in system malfunction."
Its funny because the release notes for their December '21 BIOS update says:
And many of their release notes say that they fix security issues. I would say that supercedes the footnote at the bottom that says to update your BIOS only if you're having issues.
Plus, doesn't Gigabyte have A/B BIOS updates? So if you have a failed flash, you can switch to the previous BIOS that was working?
Most of the recent(ish) updates are vulnerability fixes (after all, the platform is over eight years old now), and they've removed various intermediate versions already or there'd be even more.
This board has a dual BIOS, the integrated flashing utility by default only flashes the main BIOS, and you have to enable the option to flash the backup explicitly. Never had to use the backup, afaik it activates automatically if booting the main BIOS fails several times.
My ASUS "only" has a recovery function (flash BIOS from USB stick automatically if bootup fails) and no warning that I could find.
I'm pretty sure that warning used to be on the UEFI download page for Biostar boards, but they've completely redesigned it, so if it was them, it isn't there anymore.
I've seen some Asus and MSI Boards getting only uefi updates marked as beta, with the next update, months later, also being marked as beta. With Asus, there have been allegation that they try to get out of warranty claims this way.
I've had less problems with Dell and Lenovo, which probably comes from them being more enterprise focused. I think the problem is that the for the average consumer, uefi updates are last on their mind when picking a board.
Apple, and, to a lesser degree, Lenovo and Dell, seem hardly comparable, since their focus isn't selling mainboards as a stand-alone component.