Insyde Software Corporation Information for VU#631788
BIOS implementations permit unsafe SMM function calls to memory locations outside of SMRAM
- Vendor Information Help Date Notified: 10 Dec 2014
- Statement Date: 02 Feb 2015
- Date Updated: 02 Feb 2015
Insyde has reviewed the Insyde BIOS code and believes all Insyde systems are not vulnerable to this issue. However to be prudent, Insyde has hardened all of the interfaces in InsydeH2O SMM handlers.
The updates were available in Tags 03.74.26 and 05.04.25 which was the 2014 work week 25 and 26 release. The internal tracking number was IB02960648. OEM and ODM customers are advised to contact their Insyde support representative fordocumentation and assistance. End users are advised to contact the manufacturer of their equipment.
We are not aware of further vendor information regarding this vulnerability.
There are no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.