AMD Announces Security Patches For All CTS Labs Vulnerabilities, Even Though They Are Hard To Achieve
It's been simply over a week that Israeli cyber-security startup CTS Labs published its whitepaper on the laundry-listing of vulnerabilities termed 'AMDFlaws' affecting AMD'southward EPYC, Ryzen, Ryzen Pro and Ryzen Mobile CPU lineups. The written report managed to create quite a stir amid cyber-security analysts and industry insiders, with many of them lambasting the Tel Aviv-based firm for disclosing the vulnerabilities publicly only a mean solar day after notifying AMD near them, blindsiding the chipmaker completely.
Some, like outspoken tech guru and the creator of the Linux kernel, Linus Torvalds, have even gone and then far as to question the findings themselves, calling the security advisory 'garbage', and saying that "it looks like the It security world has hit a new depression". However, others, like reputed cyber-security analyst, Dan Guido, said that he and his team reviewed the flaws, and found them to be very existent, irrespective of all the hype and controversy surrounding them.
On its part, AMD said that it volition investigate the written report "to understand the methodology and merit of the findings". At present, the company has released a statement confirming all the xiii vulnerabilities detailed by CTS, and has promised to issue patches for all of them inside the next few weeks. The company further added that it doesn't expect whatsoever performance deposition because of impending updates.
The full statement highlights the level of difficulty and access needed to pull off the hacks described in the CTS Labs discovery "Information technology's important to note that all the issues raised in the inquiry crave administrative access to the system, a blazon of admission that effectively grants the user unrestricted access to the arrangement and the right to delete, create or modify any of the folders or files on the calculator, as well as change any settings." AMD further added that anyone that tin proceeds unauthorized administrative access can execute attacks of greater severity than the ones CTS Labs identified.
According to AMD, the bug volition be fixed with firmware patches and BIOS updates within the adjacent few weeks, "not months". The company likewise said that none of these issues are Zen-specific, merely chronicle to the PSP and ASMedia chipsets. The flaws are also apparently unrelated to the Meltdown and Spectre vulnerabilities that created so much confusion over the by few months.
Source: https://beebom.com/amd-patches-cts-labs-vulnerabilities/
Posted by: tompkinswhaved.blogspot.com
0 Response to "AMD Announces Security Patches For All CTS Labs Vulnerabilities, Even Though They Are Hard To Achieve"
Post a Comment