Virtual machines that use AMD’s hardware-based encryption scheme are vulnerable to attacks that can extract the full contents of their main memory – in plaintext.
AMD notified users about new available Spectre CPU firmware and Windows 10 patches.
AMD on Tuesday acknowledged several vulnerabilities that had been reported in its Ryzen and EPYC chips, and said that it would roll out PSP firmware patches in the coming week.
Security community takes a critical look at CTS-Labs’ disclosure of vulnerabilities in AMD vulnerabilities found in EPYC servers, Ryzen workstationsm and Ryzen mobile offerings.
Researchers on Tuesday disclosed over a dozen critical security vulnerabilities in several AMD chips, opening them up for attackers who want to steal sensitive data and install malware on AMD servers, workstations and laptops.
Microsoft is pausing the rollout of Windows Meltdown and Spectre patches until hosted anti-virus software vendors confirms no unsupported Windows kernel calls via the addition of a registry key on PCs.
Mitigating Spectre and Meltdown flaws won’t be easy, but experts say exploits targeting Spectre will be hard to patch against.
Intel, Amazon, ARM, Microsoft and others have shared patch updates to keep customers informed on their mitigation efforts to protect against the far reaching Spectre and Meltdown vulnerabilities impacting computers, servers and mobile devices worldwide.