- Summary: This advisory addresses vulnerability CVE-2023-31315. Improper validation in a model specific register (MSR) may allow a malicious program with ring0 access to modify SMM configuration while the SMI lock is enabled, potentially leading to arbitrary code execution.
- Remediation Measures: Users of affected products are advised to update to the latest BIOS version immediately. This update includes the updated AGESA firmware (PhoenixPI-FP8-FP7_1.2.0.0a). Users who do not apply the update assume all associated security risks.
1. Resolved Version: BIOS P1.60 [Download Link] .
2. Download: Please visit the ASRock Industrial Download Center. Search for your specific product model (e.g., 4X4 BOX-8840U) to find and download the required BIOS file.
3. Update Method: The update can be performed via BIOS or Windows. Please refer to the official website documentation for detailed update instructions. The system will restart during the update process; this is normal behavior.
4. Verification Method: Refer to Step 8 of the Windows update instructions to confirm the BIOS version is P1.60 or higher.
|