AMD

Pierluigi Paganini June 19, 2024
Chip maker giant AMD investigates a data breach

AMD announced an investigation after a threat actor attempted to sell data allegedly stolen from its systems. AMD has launched an investigation after the threat actor IntelBroker announced they were selling sensitive data allegedly belonging to the company. “We are aware of a cybercriminal organization claiming to be in possession of stolen AMD data,” the […]

Pierluigi Paganini November 13, 2021
Intel and AMD address high severity vulnerabilities in products and drivers

Chipmakers Intel and AMD addressed several vulnerabilities in their products, including high-risk issues in software drivers. Intel and AMD released patches to address multiple security vulnerabilities in multiple products, including high-severity flaws in software drivers. Intel published 25 advisories impacting Intel Core i5-8305G and i7-8706G processors, and the Intel graphics driver for Windows 10 64-bit for […]

Pierluigi Paganini October 15, 2021
Boffins devise a new side-channel attack affecting all AMD CPUs

A group of researchers from the Graz University of Technology and CISPA Helmholtz Center for Information Security devised a new side-channel attack that affects AMD CPUs. Researchers Moritz Lipp and Daniel Gruss of the Graz University of Technology and Michael Schwarz of the CISPA Helmholtz Center for Information Security devised a new side-channel attack that […]

Pierluigi Paganini September 17, 2021
CVE-2021-26333 AMD Chipset Driver flaw allows obtaining sensitive data

Chipmaker AMD has addressed a vulnerability in PSP driver, tracked as CVE-2021-26333, that could allow an attacker to obtain sensitive information from the targeted system. Chipmaker AMD has addressed a medium severity issue in Platform Security Processor (PSP) chipset driver, tracked as CVE-2021-26333, that could allow an attacker to obtain sensitive information from the targeted system. […]

Pierluigi Paganini May 16, 2021
Two flaws could allow bypassing AMD SEV protection system

The chipmaker AMD published guidance for two new attacks against its SEV (Secure Encrypted Virtualization) protection technology. Chipmaker AMD has issued guidance for two attacks (CVE-2020-12967, CVE-2021-26311) that allow bypassing the SEV (Secure Encrypted Virtualization) technology implemented to prevent rogue operating systems on virtual machines. The chipmaker is aware of two research papers, respectively titled […]

Pierluigi Paganini June 22, 2020
AMD is going to patch UEFI SMM callout privilege escalation flaw

AMD is going to release patches for a flaw affecting the System Management Mode (SMM) of the Unified Extensible Firmware Interface (UEFI). AMD recently announced that it was preparing patches for an SMM Callout Privilege Escalation vulnerability, tracked as CVE-2020-12890, that affects the System Management Mode (SMM) of the Unified Extensible Firmware Interface (UEFI). The vulnerability […]

Pierluigi Paganini May 26, 2018
Experts show how to defeat AMD’s Secure Encrypted Virtualization

German researchers devised a method, dubbed SEVered, to defeat the security mechanisms Secure Encrypted Virtualization implemented by the AMD Epyc server microchips to automatically encrypt virtual machines in memory. The attack could allow them to exfiltrate data in plaintext from an encrypted guest via a hijacked hypervisor and simple HTTP requests to a web server running […]

Pierluigi Paganini April 11, 2018
AMD and Microsoft release microcode and operating system updates against Spectre flaw

AMD released patches for Spectre Variant 2 attack that includes both microcode and operating system updates. AMD and Microsoft worked together to issue the updates on Tuesday. AMD and Microsoft released the microcode and security updates for Spectre vulnerabilities. The Meltdown and Spectre attacks could be exploited by attackers to bypass memory isolation mechanisms and access target sensitive […]

Pierluigi Paganini March 21, 2018
AMD will release the patches for the recently discovered flaws very soon

AMD concluded its investigation on the vulnerabilities recently discovered by CTS Labs and announced that security patches will be released very soon. AMD has finally acknowledged 13 critical vulnerabilities and exploitable backdoors in its Ryzen and EPYC processors that were first disclosed earlier March by the researchers at the security firm CTS Labs. The CTS […]

Pierluigi Paganini March 14, 2018
13 Critical flaws and exploitable backdoors found in various AMD chips

Security researchers at Israel-based CTS-Labs have discovered 13 critical vulnerabilities and exploitable backdoors in various AMD chips. The flaws could be potentially exploited to steal sensitive data, install malicious code on AMD-based systems, and gain full access to the compromised systems. The flaws expose servers, workstations, and laptops running vulnerable AMD Ryzen, Ryzen Pro, Ryzen Mobile or […]