The Indian government has issued a cybersecurity warning highlighting multiple security flaws affecting popular PC motherboards used in millions of Windows systems across the country. The advisory has been released by CERT-In under the Ministry of Electronics and Information Technology, flagging risks linked to early boot-stage protections.
According to the advisory, the vulnerabilities could be exploited to bypass security restrictions and compromise system integrity, particularly in scenarios involving physical access to affected devices.
Motherboard vendors and platforms affected
The vulnerabilities impact motherboards from several major manufacturers widely used in consumer and enterprise PCs. CERT-In listed affected platforms from ASRock, Gigabyte, MSI, along with ASUS and AMD-based boards used across different Intel and AMD chipset generations.
The affected systems primarily include motherboards paired with Intel 500, 600, 700 and 800 series chipsets, as well as several AMD chipset-based platforms. These boards are commonly found in desktops running Microsoft Windows across home, business and institutional environments.
What is the security risk?
CERT-In noted that the issue stems from improper enforcement of Direct Memory Access (DMA) protections during the early boot process. This weakness could allow a local attacker with physical access to connect a malicious PCIe device and gain unauthorised access to system memory before the operating system fully loads.
If successfully exploited, the flaw may enable attackers to bypass existing security controls, escalate privileges and compromise the integrity of the affected system. The advisory categorised the severity level as high, particularly for environments where systems are physically accessible to multiple users.
Who should be concerned?
The warning applies to both organisations and individual users using affected motherboards. Enterprises, government offices, educational institutions and shared workplaces are considered at higher risk due to device accessibility and scale of deployment.
CERT-In has advised Windows PC users to review their motherboard models and chipset details to determine exposure.
Recommended action and updates
Users are advised to apply the latest security updates and firmware patches released by motherboard vendors. CERT-In has shared official security advisory links from manufacturers, urging timely installation to mitigate the risk.
Until updates are applied, organisations have been advised to restrict physical access to systems and follow standard device security practices to reduce exposure.
Discover the latest Business News, Sensex, and Nifty updates. Obtain Personal Finance insights, tax queries, and expert opinions on Moneycontrol or download the Moneycontrol App to stay updated!
