- 최형광 칼럼 | 딥시크가 촉발하는 AI 패권 경쟁
- Windscribe VPN review: A flexible and free VPN
- One of my favorite foldables brings the flip phone back in the best way (and it's $200 off)
- I opened up a cheap 600W charger to test its build, and found 'goo' inside
- How to negotiate like a pro: 4 secrets to success
AMD’s unpatched chip microcode glitch may require extreme measures by CISOs
“If a system is compromised to this level, the ability to deploy malicious microcode to the CPU could make for a very insidious attack vector that would be very hard to identify and address,” Villanustre said. “Creating these types of sophisticated attacks would require significant resources, but it could be something that a state sponsored actor could certainly do.”
Coordinated disclosure is critical
Villanustre was one of several security specialists who said that much of the potential damage came not from AMD, but from the disclosure by Asus.
“It’s possible that certain resourceful bad actors already knew about it, but making it widely known creates unnecessary exposure to organizations that still don’t have a way to mitigate the risk, since mainstream patches are not available,” Villanustre said, adding that “Asus’ disclosure seems to have been a mistake, but it would have been irresponsible otherwise. In any case, it’s not the first time CPUs are vulnerable and it won’t be the last time either.”
