AMD’s unpatched chip microcode glitch may require extreme measures…

“If a system is compromised to this level, the ability to deploy malicious microcode to the CPU could make for a very insidious attack vector that would be very hard to identify and address,” Villanustre said. “Creating these types of sophisticated attacks would require significant resources, but it could be something that a state sponsored actor could certainly do.”

Coordinated disclosure is critical

Villanustre was one of several security specialists who said that much of the potential damage came not from AMD, but from the disclosure by Asus.

“It’s possible that certain resourceful bad actors already knew about it, but making it widely known creates unnecessary exposure to organizations that still don’t have a way to mitigate the risk, since mainstream patches are not available,” Villanustre said, adding that “Asus’ disclosure seems to have been a mistake, but it would have been irresponsible otherwise. In any case, it’s not the first time CPUs are vulnerable and it won’t be the last time either.”

Source link

AMD’s unpatched chip microcode glitch may require extreme measures by CISOs

Coordinated disclosure is critical

Leave a Comment Cancel reply

VMWARE

Helping Public Sector Organisations Define Cloud Strategy

How to change the VLAN ID of the Service Console in ESX from the command line/console

Cisco UCS and Vmware Interfaces (Vnics) HA Design Considerations

Troubleshooting network and TCP/UDP port connectivity issues on ESX/ESXi(2020669)

vSphere Client Parameters

Configuration Templates

CUE Licenses

Trouble shooting Unity Express with Call Manager Integeration & Operational Issues

CME Configuration Example: SIP Trunks to Viatalk and VoIP.ms

SIP Phone registration – CME Configuration

CUE Voicemail + VPIM networking (CUE to unity)

Related Post

Coordinated disclosure is critical

Leave a Comment Cancel reply

VMWARE

Configuration Templates