AMD this week responded to the disclosure of a set of security vulnerabilities affecting its processors, acknowledging that the flaws exist and promising it will release fixes in the coming weeks. The flaws in question, disclosed last week by CTS-Labs, involve 13 critical security vulnerabilities (spread across four families: Masterkey, Fallout, RyzenFall, and Chimera) found throughout AMD's Ryzen and EPYC product lines.
AMD is quick to point out that the issues are not related to its "Zen" CPU architecture or the Meltdown and Spectre flaws disclosed earlier this year. Rather, they impact the AMD Secure Processor embedded in some products, as well as the chipset in some socket AM4 and TR4 platforms. Further, AMD claims that attackers seeking to exploit these flaws would require administrative access to execute them, meaning they'd already have unrestricted access to the system. From AMD:
Any attacker gaining unauthorized administrative access would have a wide range of attacks at their disposal well beyond the exploits identified in this research. Further, all modern operating systems and enterprise-quality hypervisors today have many effective security controls, such as Microsoft Windows Credential Guard in the Windows environment, in place to prevent unauthorized administrative access that would need to be overcome in order to affect these security issues.
In its original disclosure, CTS-Labs claimed that Masterkey, Ryzenfall, and Fallout could take "several months" to fix, but AMD says that it plans to release firmware patches "in the coming weeks." For more on AMD's planned release timeline, as well as the technical details surrounding each flaw, check out AMD's full response.
Here's why Microsoft just dropped nearly $20 billion on Nuance
Microsoft now owns Nuance Communications. Here's an analysis of the deal's big-picture implications, including what it means for Microsoft's cloud competition.
From success to success, Mojang Studios still feels like an indie studio
Mojang Studios is the developer behind one of the most popular and successful franchises in the world: Minecraft. Despite the undeniable power of Minecraft and their acquisition in 2014 by gaming powerhouse Microsoft, Mojang Studios sometimes still feels like an underfunded indie studio.
I became a Halo war journalist in ArmA 3
Halo is often characterized by its supersoldier-focused perspectives with characters like Master Chief and Spartan Locke. But what's it like to be a regular human on 26th-century battlefields? I signed myself up for a "war journalist" roleplay session in Halo-themed Arma 3 to find out.
Going all-in on crypto mining? These are the best GPUs for you.
If you're looking for the right graphics card to get into mining for cryptocurrencies, you need one of these. We've rounded up the absolute best graphics cards to mine cryptocurrencies like Bitcoin and Ethereum.