Matsuda Posted January 14, 2015 Share Posted January 14, 2015 A vulnerability found in certain AMD processor firmware has been patched by the company, it was revealed at the 31st Chaos Communication Congress.According to Heise.de, the vulnerability was found in the Trinity, Richland, Kaveri and Kabini series of the chip by Czech programmer Rudolf Marek. He explained how insufficiently protected code signatures and other errors in the firmware could be used by hackers to inject software, which could then be executed by the System Management Unit and Accelerated Processing UnitsThe System Management Unit (SMU) in the chips is responsible for power saving functionality alongside other configuration tasks. Using his hack, Marek was able to extract SMU code from downloaded BIOS updates on various motherboard manufacturers, and subsequently able to obtain the secret key the company uses for the SHA1 hash in the chips’ code signature. Marek was also able to inject his own commands, as the SMU firmware execution code didn’t check properly.Marek contacted AMD in April – the company confirmed the error two months later, and patched some verisions of the AGESA (software in charge of the booting process in the BIOS) firmware was released in November last year. The firmware versions with SMU patches are as follows:Source: http://www.welivesecurity.com/2015/01/13/vulnerability-found-amd-processor-firmware/ Link to comment Share on other sites More sharing options...
Administrator DKT27 Posted January 14, 2015 Administrator Share Posted January 14, 2015 Wonder how one would apply them. If it's connected to the BIOS updates, then what if the manufacturers do not release the update for particular models. Link to comment Share on other sites More sharing options...
steven36 Posted January 14, 2015 Share Posted January 14, 2015 Wonder how one would apply them. If it's connected to the BIOS updates, then what if the manufacturers do not release the update for particular models.Here some info on this if you care to lookhttp://www.overclock.net/t/1400866/cpu-firmware-upgradeEdit: anyways seems me safe :showoff: Link to comment Share on other sites More sharing options...
provision Posted January 14, 2015 Share Posted January 14, 2015 I'm vulnerable and what happens next ??? Link to comment Share on other sites More sharing options...
steven36 Posted January 14, 2015 Share Posted January 14, 2015 I'm vulnerable and what happens next ???Bug your motherboard vendor for a fix Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.