AMD has confirmed a vulnerability in its processor lineup that leaked out early before the company had a chance to issue a patch. While the vulnerability appears to affect consumer Ryzen CPUs, AMD has yet to name them nor describe the vulnerability.
The vulnerability will require mitigations, however, AMD said. A security bulletin is due soon.
The Register reported that Tavis Ormandy, who works at Google’s Project Zero, had noted that Asus released a beta version of a BIOS update for its gaming motherboards with a mention of an AMD vulnerability. Ormandy edited his post to remove the reference, but not before the Register report was published.
AMD has confirmed that the bug exists, but that it needs both local administrative access to the PC in question and specific microcode designed to attack the vulnerability.
“AMD is aware of a newly reported processor vulnerability,” a company spokesperson confirmed in an email. “Execution of the attack requires both local administrator level access to the system, and development and execution of malicious microcode. AMD has provided mitigations and is actively working with its partners and customers to deploy those mitigations.”
AMD wouldn’t say which processors were affected, or the nature of the vulnerability. For now, consumers will have to wait. But not long.
“AMD recommends customers continue to follow industry-standard security practices and only work with trusted suppliers when installing new code on their systems,” the AMD representative wrote. “AMD plans to issue a security bulletin soon with additional guidance and mitigation options.”
Accedi per aggiungere un commento
Altri post in questo gruppo
Having a fast flash drive on hand can save you the pain of transferri
Vivaldi has taken another slow step toward providing better sync opti
If you have a Chromebook, here’s an interesting development for you:
I’m old enough to remember when consoles were getting seriously power
