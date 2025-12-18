Asus tells owners of its Intel motherboards to update the BIOS because they 'may allow unintended access to system memory'
And it's because of pesky DMA protections not being triggered to help out add-in PCIe cards.
Security warnings and updates for PCs, their components, and the software they run are everyday occurrences. So much so that we never really give them much attention: We just download the patch and carry on as normal. However, Asus has warned that many of its Intel motherboards are vulnerable and can allow access to system memory, which is enough to make anyone sit up and pay attention.
Asus does point out on its security advisory page that although the problem is widespread and has a CVE rating of 7 (High severity), the vulnerability does require local access to the motherboard in order to gain access to the system RAM.
The problem relates to the IOMMU (Input-Output Memory Management Unit) and add-on PCIe devices. The former has all kinds of protection mechanisms for direct memory access (DMA) operations, but Asus doesn't fully activate them on its Intel motherboards until just before the operating system is able to take over DMA protection duties.
In other words, between first booting up the motherboard and the OS managing DMA operations, there's a window of opportunity for someone to use a PCIe device to gain access to system memory. That's obviously not a good thing, hence Asus' security advice and its subsequent BIOS updates.
It's not just one or two motherboards that are affected by this vulnerability: any Asus motherboard that uses an Intel Z490, W480, B460, H410, Z590, B560, H510, Z690, B660, W680, Z790, B760, or W790 chipset will need a BIOS update. Basically, only its latest boards for Arrow Lake processors and its much older platforms are safe.
If you're wondering why the problem exists in the first place, it's to improve the level of compatibility between the motherboard and any PCIe device you care to install. Some will be a bit picky about DMA protections during the initial boot phase, so it will be interesting to know if such devices throw up any problems once the motherboard's BIOS has been updated.
For maximum security, Asus recommends that you "download and update the BIOS to the specified version from the official website and, in the BIOS Setup Utility, configure the IOMMU DMA Protection setting to 'Enable with Full Protection.' And avoid using unknown add-on devices that have not obtained security certification."
Keep up to date with the most important stories and the best deals, as picked by the PC Gamer team.
With so many Intel motherboards potentially at risk, there's no guarantee that your board will already have a BIOS update to resolve the problem, so keep checking to see when the new firmware comes through. In the meantime, just don't let anyone near your beloved gaming PC. Especially if they've got a dodgy-looking PCIe card that they want to test in your rig.
1. Best AM5 - AMD Ryzen 9000/7000:
MSI MAG X870 Tomahawk WiFi
2. Best budget AM5 - AMD Ryzen 9000/7000:
Asus TUF Gaming B650-Plus WiFi
3. Best midrange AM5 - AMD Ryzen 9000/7000:
ASRock B850 Steel Legend WiFi
4. Best AM4 - AMD Ryzen 5000/3000:
Asus ROG Strix B550-E Gaming
5. Best LGA1851 - Intel Core Ultra 200S:
Asus ROG Maximus Z890 Hero
6. Best budget LGA1851 - Intel Core Ultra 200S
ASRock B860 Steel Legend Wi-Fi
7. Best LGA1700 - Intel 14/13th Gen:
MSI MAG Z790 Tomahawk WiFi
8. Best budget LGA1700 - Intel 14/13th Gen:
Asrock B760M PG Sonic WiFi
Nick, gaming, and computers all first met in the early 1980s. After leaving university, he became a physics and IT teacher and started writing about tech in the late 1990s. That resulted in him working with MadOnion to write the help files for 3DMark and PCMark. After a short stint working at Beyond3D.com, Nick joined Futuremark (MadOnion rebranded) full-time, as editor-in-chief for its PC gaming section, YouGamers. After the site shutdown, he became an engineering and computing lecturer for many years, but missed the writing bug. Cue four years at TechSpot.com covering everything and anything to do with tech and PCs. He freely admits to being far too obsessed with GPUs and open-world grindy RPGs, but who isn't these days?
You must confirm your public display name before commenting
Please logout and then login again, you will then be prompted to enter your display name.