• Competitor rules

    Please remember that any mention of competitors, hinting at competitors or offering to provide details of competitors will result in an account suspension. The full rules can be found under the 'Terms and Rules' link in the bottom right corner of your screen. Just don't mention competitors in any way, shape or form and you'll be OK.

AMD processors from 2011 to 2019 vulnerable to two new attacks

humbug said:
Both are the same Zen 1 CPU under different names, and from 2017, Not 2019. Did they test Zen+ or Zen 2? As far as i can tell they also used Linux, not Windows. Anything beyond that is assumption. The researchers actually said this themselves. And AMD have responded, stating that Windows has already been patched for this exploit.
Click to expand...
They provided a list of the CPUs they tested on from K8 (2013) to Zen 2 (2019). Looks like they only provided benchmark data for a couple. They did indeed use Linux as it is the preferred O/S for this type of research. All the previous vulnerabilities have used Linux for the proof of concept.

I agree that these are mostly of academic interest and are of little concern to the home user. But equally they are not faked or the work of Intel shills.
 
ChrisLX200 said:
I can't say I understand the technicalities of these exploits at all, but I would suggest the OS installation most home users run has inherantly more liabilities than any CPU exploit offers.
Click to expand...

Some of the recent Windows 10 vulnerabilities that have been closed have been way more concerning than either these or the Intel vulnerabilities yet strangely gets far less attention. Some of them are actual, viable over the internet, remote execution vectors as well while most of these CPU vulnerabilities aren't that kind of problem.
 
The Intel flaws that can’t be patched (most of them) are the biggest liabilities by far. These issues will drag out for decades and could spawn numerous day one exploits.
 
ChrisLX200 said:
I can't say I understand the technicalities of these exploits at all, but I would suggest the OS installation most home users run has inherantly more liabilities than any CPU exploit offers.
Click to expand...

Right. Windows is the biggest exploit going, if you wanted to get data from someones computer you wouldn't bother with the CPU, your OS is practically handing it to anyone who wants to look.
 
Rroff said:
Some of the recent Windows 10 vulnerabilities that have been closed have been way more concerning than either these or the Intel vulnerabilities yet strangely gets far less attention. Some of them are actual, viable over the internet, remote execution vectors as well while most of these CPU vulnerabilities aren't that kind of problem.
Click to expand...

I have to admit, if I see one of these kind of CPU based "attacks" that require physical access to exploit, I just roll my eyes and move on. After all, if a stranger is physically at my computer when i'm not there I have bigger issues than them exploiting my processor.

I can't tell with these new AMD ones, do they require physical access to the computer?
 
Tute said:
I have to admit, if I see one of these kind of CPU based "attacks" that require physical access to exploit, I just roll my eyes and move on. After all, if a stranger is physically at my computer when i'm not there I have bigger issues than them exploiting my processor.

I can't tell with these new AMD ones, do they require physical access to the computer?
Click to expand...

When this gets a CVE designation, then details will follow.

https://www.cvedetails.com/vulnerability-list/vendor_id-7043/AMD.html

Here is one for intel.

https://www.cvedetails.com/vulnerab...&sha=1d6011c41df6dde5f48a4f36352f44c40f918a0a
 
You must log in or register to reply here.
Back
Top Bottom