139

Encryption-breaking, password-leaking bug in many AMD CPUs could take months to fix(arstechnica.com)

posted
by
Avatar
pe1uca@lemmy.pe1uca.dev
in
Avatar
technology@beehaw.org
15 comments
hidereport

The bug allows attackers to swipe data from a CPU’s registers. […] the exploit doesn’t require physical hardware access and can be triggered by loading JavaScript on a malicious website.

Sort:
HotTopControversialNewOld
Avatar
ericjmorey@beehaw.org
17 points

This is really bad. Mostly because there’s nothing to be done other than shutting down any of the affected processors until some time in the fall.

permalink
report
reply
Avatar
Rentlar@beehaw.org
2 points

My desktop still on Zen+ 👀

permalink
report
parent
reply
Avatar
mitch@beehaw.org
15 points

This is shaping up to be a real mess, a ton of companies are looking at whole fleet upgrades if they don’t wanna wait around for patches.

This is why you have especially generous bug bounty programs folks. :(

permalink
report
reply
Avatar
Banzai51@midwest.social
5 points

Doesn’t AMD already have the fix for this out?

permalink
report
reply
Avatar
Pigeon@beehaw.org
3 points

The article says there was a fix for a specific set of server CPUs, but not for consumer 3000 and 4000 series CPUs until December-ish.

permalink
report
parent
reply
Avatar
iloverocks@feddit.de
5 points

When I updated my system I use arch BTW it had an upgrade for the amd Unicodeavailable. I don’t know if the fix was in there but maybe

permalink
report
parent
reply
Avatar
Avid Amoeba@lemmy.ca
4 points

All of a sudden I feel a lot happier with my 1800X. ☺️

permalink
report
reply
Avatar
V ‎ ‎ @beehaw.org
9 points
*

I suppose that after Intel got their reaming, AMD was due for theirs. Any word on related vulns targeting ARM?

permalink
report
reply

Technology

!technology@beehaw.org

Create post

A nice place to discuss rumors, happenings, innovations, and challenges in the technology sphere. We also welcome discussions on the intersections of technology and society. If it’s technological news or discussion of technology, it probably belongs here.

Remember the overriding ethos on Beehaw: Be(e) Nice. Each user you encounter here is a person, and should be treated with kindness (even if they’re wrong, or use a Linux distro you don’t like). Personal attacks will not be tolerated.

Subcommunities on Beehaw:

This community’s icon was made by Aaron Schneider, under the CC-BY-NC-SA 4.0 license.

Community stats

  • 2.7K

    Monthly active users

  • 3K

    Posts

  • 57K

    Comments

Community moderators