Kioxia Exceria 1TB M.2 NVMe SSD review
Samsung 870 QVO 2TB SSD review
Guru3D Rig of the Month - June 2020
ASUS ROG Strix Z490-E Gaming review
MSI MEG Z490 Godlike review
TeamGroup Cardea Zero Z340 M.2 NVMe review
AMD Ryzen RAM scaling - performance effect in games
Elgato WAVE:3 review
Gigabyte B550i Aorus PRO AX review
ASUS STRIX B550-F Gaming review
AMD has readied patches against MasterKey, Fallout, and Chimera vulnerabilities
AMD has finished up its patches for vulnerabilities that security company CTS Labs announced last month. The chip designer reports that the updates for, among others, Epyc chips are in the final phase of testing and should become available next month through a Firmware patch.
CTS Labs announced the bugs unexpectedly and without any warning a while ago, according to the security company, it would take many months to close the vulnerabilities. CTS recently once more contacted Toms Hardware to 'express their concern about the lack of updates from AMD regarding these vulnerabilities'. The company said it believed many of the vulnerabilities 'would take months to fix'. One of them, Chimera, would even require a hardware change.
According to AMD we can expect updates this month, AMD has explained to Tom's Hardware. Ecosystem partners should already have the new patches for internal testing with this response:
Within approximately 30 days of being notified by CTS Labs, AMD released patches to our ecosystem partners mitigating all of the CTS identified vulnerabilities on our EPYC platform as well as patches mitigating Chimera across all AMD platforms. These patches are in final testing with our ecosystem partners in advance of being released publicly. We remain on track to begin releasing patches to our ecosystem partners for the other products identified in the report this month. We expect these patches to be released publicly as our ecosystem partners complete their validation work.
Let us again reiterate, the vulnerabilities within the AMD systems require admin privileges and for most things, physical access to the hardware to modify things, thus a local exploit in a context where Admin Access Rights are needed.
Meanwhile, CTS labs pushed another document full of accusations, released May 1st this month (there's not a single word on Intel recent or upcoming Vulnerabilities on their websites, of course):
AMD has lowered Radeon 6850 pricing in the EU - 08/10/2011 09:47 AM
AMD has decided to lower the pricing for Radeon HD 6850 based graphics cards, which now have an MSRP of 129
AMD has 10-core CPUs in the pipeline - 07/26/2011 10:28 AM
Lots of processor nes the past few days alright, a new roadmap leaked which shows that AMD is planning 10-core processors for consumers, they are planned for 2012 already. The processors are part of ...
AMD has over 800.000 DX11 class GPUs shipped - 12/16/2009 06:16 AM
Interesting story over at Xbitlabs today. They claim that Advanced Micro Devices, said on Monday that it had shipped over 800 thousand of graphics processing units (GPUs) that support DirectX 11 appli...
Fox2232
Senior Member
Posts: 10314
Joined: 2012-07-20
Senior Member
Posts: 10314
Joined: 2012-07-20
#5543802 Posted on: 05/04/2018 01:04 PM
If only they were less stupid... Again, all they want it this being discussed in earnings call. All they care about is panic money.
If only they were less stupid... Again, all they want it this being discussed in earnings call. All they care about is panic money.
AsiJu
Senior Member
Posts: 6351
Joined: 2010-10-16
Senior Member
Posts: 6351
Joined: 2010-10-16
#5543804 Posted on: 05/04/2018 01:15 PM
What, CTS Labs is still there?
Also gotta love this:
AMD:
"... as well as patches mitigating Chimera across all AMD platforms..."
CTS Labs:
"... CHIMERA cannot be directly fixed..."
also as pointed out above any "security" company citing Wikipedia articles as reference loses all credibility.
Last, I really fail to see the point of that document. They accuse AMD of not releasing patches, in a couple of weeks, for vulnerabilities they themselves said would take months to fix?
AMD should sue those mofos for all they're worth.
What, CTS Labs is still there?
Also gotta love this:
AMD:
"... as well as patches mitigating Chimera across all AMD platforms..."
CTS Labs:
"... CHIMERA cannot be directly fixed..."
also as pointed out above any "security" company citing Wikipedia articles as reference loses all credibility.
Last, I really fail to see the point of that document. They accuse AMD of not releasing patches, in a couple of weeks, for vulnerabilities they themselves said would take months to fix?
AMD should sue those mofos for all they're worth.
airbud7
Senior Member
Posts: 7843
Joined: 2011-07-20
Senior Member
Posts: 7843
Joined: 2011-07-20
#5543809 Posted on: 05/04/2018 01:45 PM
"The vulnerabilities within the AMD systems require admin privileges and for most things, physical access to the hardware to modify things"
So...
If a hacker comes knocking on your door holding a thumb drive...Kick him in the n*tz!
"The vulnerabilities within the AMD systems require admin privileges and for most things, physical access to the hardware to modify things"
So...
If a hacker comes knocking on your door holding a thumb drive...Kick him in the n*tz!
Sempaii
Senior Member
Posts: 110
Joined: 2014-10-16
Senior Member
Posts: 110
Joined: 2014-10-16
#5543820 Posted on: 05/04/2018 02:29 PM
Dare i ask why they even get there words on the page ;-)
Smells alot !
Dare i ask why they even get there words on the page ;-)
Smells alot !
Click here to post a comment for this news story on the message forum.
Senior Member
Posts: 1913
Joined: 2013-03-10
I'm surprised this CTS Labs even exists anymore. The folks behind it had apparently used various front company names to pull off stock market and other tricks in the past as well. I reckon this case targeting AMD is their biggest heist so far, and they aren't sure when to stop. Probably they didn't manage to make as much money as they hoped when they first published these "shocking vulnerabilities". I'm not sure even Intel would deign to deal with these small-time crooks. Intel bosses might feel like there's no soap so strong it the world that they could ever wash the stench off if they shook hands these CTS Labs people.