cybersecurity

5644 readers

21 users here now

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Community Rules

Be kind
Limit promotional activities
Non-cybersecurity posts should be redirected to other communities within infosec.pub.

Enjoy!

founded 2 years ago

MODERATORS

shellsharks@infosec.pub

tweedge@infosec.pub

Google researchers uncover critical security flaw in all AMD Zen processors (www.techspot.com)

submitted 11 months ago by floofloof@lemmy.ca to c/cybersecurity@infosec.pub

3 comments fedilink hide all child comments

top 3 comments

sorted by: hot top controversial new old

[–] cron@feddit.org 9 points 11 months ago* (last edited 11 months ago)

The researchers discovered that AMD had been using a publicly available example key from NIST documentation since Zen 1, which allowed them to forge signatures and deploy arbitrary microcode modifications.

I wish these sorts of errors were not that common.

[–] thebardingreen@lemmy.starlightkel.xyz 8 points 10 months ago (1 children)

The researchers discovered that AMD had been using a publicly available example key from NIST documentation since Zen 1,

lol... sigh...

[–] floofloof@lemmy.ca 2 points 10 months ago* (last edited 10 months ago)

Just like all the BIOSes that have turned out to be using keys called things like TEST ONLY - NOT FOR PRODUCTION, rendering Secure Boot not. I have a couple of computers like this.