Guru3D.com
  • HOME
  • NEWS
    • Channels
    • Archive
  • DOWNLOADS
    • New Downloads
    • Categories
    • Archive
  • GAME REVIEWS
  • ARTICLES
    • Rig of the Month
    • Join ROTM
    • PC Buyers Guide
    • Guru3D VGA Charts
    • Editorials
    • Dated content
  • HARDWARE REVIEWS
    • Videocards
    • Processors
    • Audio
    • Motherboards
    • Memory and Flash
    • SSD Storage
    • Chassis
    • Media Players
    • Power Supply
    • Laptop and Mobile
    • Smartphone
    • Networking
    • Keyboard Mouse
    • Cooling
    • Search articles
    • Knowledgebase
    • More Categories
  • FORUMS
  • NEWSLETTER
  • CONTACT

New Reviews
Corsair MM700 & Corsair Katar Pro XT Review
Guru3D Rig of the Month - February 2021
ASUS GeForce RTX 3060 STRIX Gaming OC review
EVGA GeForce RTX 3060 XC Gaming review
MSI GeForce RTX 3060 Gaming X TRIO review
PALIT GeForce RTX 3060 DUAL OC review
ZOTAC GeForce RTX 3060 AMP WHITE review
Fractal Design Meshify 2 Compact chassis review
Sabrent Rocket 4 PLUS 2TB NVMe SSD review
MSI Radeon RX 6900 XT GAMING X TRIO review

New Downloads
Display Driver Uninstaller Download version 18.0.3.7
Guru3D RTSS Rivatuner Statistics Server Download 7.3.0 Final
Media Player Classic - Home Cinema v1.9.10 Download
GeForce 461.72 WHQL driver download
AIDA64 Download Version 6.32.5640 beta
CrystalDiskInfo 8.11.2 Download
AMD Radeon Adrenalin Edition 21.2.3 driver download
GPU-Z Download v2.37.0
Intel HD graphics Driver Download Version: DCH27.20.100.9313
HWiNFO Download v6.43 - 4380 Beta


New Forum Topics
Review: Corsair MM700 & Corsair Katar Pro XT Who needs a 3080 if you can get GeForce Now.. Radeon RX 6700 XT would have a starting price of 479 USD and see better availability Just did raid 0 m2 ssds RDNA2 RX6000 Series Owners Thread, Tests, Mods, BIOS & Tweaks ! MSI Z490 Motherboards Open Up for PCIe 4.0 Graphics Cards and SSDs AMD Fury X Owners' Thread Intel stops Performance Tuning Protection Plan, PTPP, for all eligible K-series CPUs Need help with HPET Next-gen AMD EPYC (Genoa) Would get 50% larger socket SP5, 96 cores and 400W TDP




Guru3D.com » News » AMD has readied patches against MasterKey, Fallout, and Chimera vulnerabilities

AMD has readied patches against MasterKey, Fallout, and Chimera vulnerabilities

by Hilbert Hagedoorn on: 05/04/2018 07:45 AM | source: | 28 comment(s)
AMD has readied patches against MasterKey, Fallout, and Chimera vulnerabilities

AMD has finished up its patches for vulnerabilities that security company CTS Labs announced last month. The chip designer reports that the updates for, among others, Epyc chips are in the final phase of testing and should become available next month through a Firmware patch.

CTS Labs announced the bugs unexpectedly and without any warning a while ago, according to the security company, it would take many months to close the vulnerabilities. CTS recently once more contacted Toms Hardware to 'express their concern about the lack of updates from AMD regarding these vulnerabilities'. The company said it believed many of the vulnerabilities 'would take months to fix'. One of them, Chimera, would even require a hardware change.

According to AMD we can expect updates this month, AMD has explained to Tom's Hardware. Ecosystem partners should already have the new patches for internal testing with this response:

Within approximately 30 days of being notified by CTS Labs, AMD released patches to our ecosystem partners mitigating all of the CTS identified vulnerabilities on our EPYC platform as well as patches mitigating Chimera across all AMD platforms. These patches are in final testing with our ecosystem partners in advance of being released publicly.  We remain on track to begin releasing patches to our ecosystem partners for the other products identified in the report this month. We expect these patches to be released publicly as our ecosystem partners complete their validation work.

Let us again reiterate, the vulnerabilities within the AMD systems require admin privileges and for most things, physical access to the hardware to modify things, thus a local exploit in a context where Admin Access Rights are needed.

Meanwhile, CTS labs pushed another document full of accusations, released May 1st this month (there's not a single word on Intel recent or upcoming Vulnerabilities on their websites, of course):

 



AMD has readied patches against MasterKey, Fallout, and Chimera vulnerabilities




« Samsung Electronics PRO Endurance Memory Card · AMD has readied patches against MasterKey, Fallout, and Chimera vulnerabilities · Download: Display Driver Uninstaller Download version 17.0.8.6 »

Related Stories

AMD has lowered Radeon 6850 pricing in the EU - 08/10/2011 08:47 AM
AMD has decided to lower the pricing for Radeon HD 6850 based graphics cards, which now have an MSRP of 129

AMD has 10-core CPUs in the pipeline - 07/26/2011 09:28 AM
Lots of processor nes the past few days alright, a new roadmap leaked which shows that AMD is planning 10-core processors for consumers, they are planned for 2012 already. The processors are part of ...

AMD has over 800.000 DX11 class GPUs shipped - 12/16/2009 05:16 AM
Interesting story over at Xbitlabs today. They claim that Advanced Micro Devices, said on Monday that it had shipped over 800 thousand of graphics processing units (GPUs) that support DirectX 11 appli...


6 pages 1 2 3 4 5 6


xIcarus
Senior Member



Posts: 954
Joined: 2010-08-24

#5544098 Posted on: 05/05/2018 09:51 AM
AMD has encrypted portions of its PSP firmware. However, this 'Security by Obscurity' does not fix any of the vulnerabilities CTS discovered.


Bahahaha encryption is not security through obscurity you dumb fucks.
Who pays these guys? You have to be mentally incapable of paying such incompetent people in order to make other people look bad.

moo100times
Senior Member



Posts: 314
Joined: 2012-06-24

#5544207 Posted on: 05/05/2018 06:05 PM
I find it funny how this time round so many sites that were claiming that the claims from CTS were valid are all suspiciously staying quiet about this, and now also being quiet around the new round of Spectre Variant flaws particularly impacting Intel chips. The biases of the tech news sources are beginning to strongly reveal themselves, glad guru3d still has integrity to report it all!

AsiJu
Senior Member



Posts: 6718
Joined: 2010-10-16

#5544211 Posted on: 05/05/2018 06:18 PM
I guess it's good that AMD made patches to these "problems", just to appease the naysayers who would otherwise use their could-have-been "negligence" as flak, but at the same time I feel a little bit irritated that AMD is, in a way, justifying their actions. Don't feed the trolls.

So they should sue them for $10? Because that's probably all they're going to get out of it. :p

Lols, yeah.

Well CTS having a court ruling demanding they pay AMD a few million in damage control would at least slow those scammers down the next time.

I find it funny how this time round so many sites that were claiming that the claims from CTS were valid are all suspiciously staying quiet about this, and now also being quiet around the new round of Spectre Variant flaws particularly impacting Intel chips. The biases of the tech news sources are beginning to strongly reveal themselves, glad guru3d still has integrity to report it all!


Yes, I'll still applaud Hilbert for the professional news bit he wrote earlier and now this one.

Thank you G3D.


The Reeferman
Member



Posts: 98
Joined: 2013-11-10

#5544447 Posted on: 05/07/2018 01:08 AM
Well CTS having a court ruling demanding they pay AMD a few million in damage control would at least slow those scammers down the next time.


I think Intel's budget for marketing purposes is big enough to pay the bills, if they win more then they loose in the end it won't stop them. Although this attempt seems to have failed to damage AMD's reputation in any meaningful way.

Size_Mick
Senior Member



Posts: 592
Joined: 2002-03-22

#5544486 Posted on: 05/07/2018 08:44 AM
What, CTS Labs is still there?

Also gotta love this:

AMD:
"... as well as patches mitigating Chimera across all AMD platforms..."

CTS Labs:
"... CHIMERA cannot be directly fixed..."

Not saying anything good about CTS here, but I do wish to point out that mitigating is not the same as fixing. If it matters to anyone, it might be a good idea to get a clear answer from AMD on this particular point.

6 pages 1 2 3 4 5 6


Post New Comment
Click here to post a comment for this news story on the message forum.


Guru3D.com © 2021