AMD promises fixes coming for new processor security vulnerabilities

AMD this week responded to the disclosure of a set of security vulnerabilities affecting its processors, acknowledging that the flaws be and promising it will release fixes in the coming weeks. The flaws in question, disclosed last calendar week by CTS-Labs, involve thirteen critical security vulnerabilities (spread across four families: Masterkey, Fallout, RyzenFall, and Bubble) found throughout AMD's Ryzen and EPYC product lines.

AMD is quick to signal out that the issues are not related to its "Zen" CPU architecture or the Meltdown and Spectre flaws disclosed earlier this twelvemonth. Rather, they impact the AMD Secure Processor embedded in some products, as well as the chipset in some socket AM4 and TR4 platforms. Farther, AMD claims that attackers seeking to exploit these flaws would crave administrative admission to execute them, pregnant they'd already have unrestricted admission to the system. From AMD:

Any assailant gaining unauthorized administrative access would accept a wide range of attacks at their disposal well beyond the exploits identified in this research. Farther, all modern operating systems and enterprise-quality hypervisors today have many effective security controls, such as Microsoft Windows Credential Guard in the Windows environs, in identify to prevent unauthorized administrative admission that would demand to exist overcome in order to impact these security problems.

In its original disclosure, CTS-Labs claimed that Masterkey, Ryzenfall, and Fallout could accept "several months" to fix, but AMD says that information technology plans to release firmware patches "in the coming weeks." For more than on AMD's planned release timeline, as well every bit the technical details surrounding each flaw, check out AMD's full response.

Review: Surface Laptop SE is the new standard for K-8 Windows PCs

Keeping it affordable

Review: Surface Laptop SE is the new standard for Grand-8 Windows PCs

Starting at just $250, Microsoft'south first foray into affordable laptops for the educational activity market place is a winner. With a gorgeous design, excellent thermals, and a fantastic typing experience, Microsoft would do correct to sell this directly to consumers too. Let'south just hope Intel tin can make a better CPU.

Exclusivity over saturation

Why Xbox Game Pass rightfully rejects the Spotify model

Spotify is often cited as a doomsday example of what Xbox Game Laissez passer could do to the video game industry. The reality is quite the opposite, Microsoft is rejecting the Spotify model, and rightfully and so.