- 7 strategic insights business and IT leaders need for AI transformation in 2025
- The most underrated robot vacuum I've ever tested is now 60% off
- ChatGPT's GPT-4 model retires soon - some users can continue to access it
- The next big tech showdown is happening on your wrist - and you shouldn't sleep on it
- Why every business needs a data security strategy
AMD’s unpatched chip microcode glitch may require extreme measures by CISOs
“If a system is compromised to this level, the ability to deploy malicious microcode to the CPU could make for a very insidious attack vector that would be very hard to identify and address,” Villanustre said. “Creating these types of sophisticated attacks would require significant resources, but it could be something that a state sponsored actor could certainly do.”
Coordinated disclosure is critical
Villanustre was one of several security specialists who said that much of the potential damage came not from AMD, but from the disclosure by Asus.
“It’s possible that certain resourceful bad actors already knew about it, but making it widely known creates unnecessary exposure to organizations that still don’t have a way to mitigate the risk, since mainstream patches are not available,” Villanustre said, adding that “Asus’ disclosure seems to have been a mistake, but it would have been irresponsible otherwise. In any case, it’s not the first time CPUs are vulnerable and it won’t be the last time either.”
