System Management Mode (SMM) callout vulnerabilities have been discovered in Gigabyte firmware, allowing potential attackers to elevate privileges and execute arbitrary code. Despite previous fixes from the original firmware supplier AMI, these vulnerabilities have reappeared, prompting Gigabyte to release updates. Users are urged to check for firmware updates to secure their systems against exploitation.

Lenovo has announced high-severity BIOS vulnerabilities in its all-in-one desktops that could allow attackers to bypass Secure Boot, particularly affecting models with customized Insyde UEFI firmware. Six flaws discovered by Binarly can lead to privilege escalation and persistent firmware compromise, with security updates already available for some models and planned for others in the coming months.