• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

CTS-Labs Posts Ryzen Windows Credential Guard Bypass Proof-of-concept Video

Joined
May 6, 2012
Messages
184 (0.04/day)
Location
Estonia
System Name Steamy
Processor Ryzen 7 2700X
Motherboard Asrock AB350M-Pro4
Cooling Wraith Prism
Memory 2x8GB HX429C15PB3AK2/16
Video Card(s) R9 290X WC
Storage 960Evo 500GB nvme
Case Fractal Design Define Mini C
Power Supply Seasonic SS-660XP2
Software Windows 10 Pro
Benchmark Scores http://hwbot.org/user/kinski/ http://valid.x86.fr/qfxqhj https://goo.gl/uWkw7n
Joined
Aug 20, 2007
Messages
21,476 (3.40/day)
System Name Pioneer
Processor Ryzen R9 9950X
Motherboard GIGABYTE Aorus Elite X670 AX
Cooling Noctua NH-D15 + A whole lotta Sunon and Corsair Maglev blower fans...
Memory 64GB (4x 16GB) G.Skill Flare X5 @ DDR5-6000 CL30
Video Card(s) XFX RX 7900 XTX Speedster Merc 310
Storage Intel 905p Optane 960GB boot, +2x Crucial P5 Plus 2TB PCIe 4.0 NVMe SSDs
Display(s) 55" LG 55" B9 OLED 4K Display
Case Thermaltake Core X31
Audio Device(s) TOSLINK->Schiit Modi MB->Asgard 2 DAC Amp->AKG Pro K712 Headphones or HDMI->B9 OLED
Power Supply FSP Hydro Ti Pro 850W
Mouse Logitech G305 Lightspeed Wireless
Keyboard WASD Code v3 with Cherry Green keyswitches + PBT DS keycaps
Software Gentoo Linux x64 / Windows 11 Enterprise IoT 2024
Again? Does TPU have a financial motive?

Yes, and it's called advertising. I'm pretty sure w1zzard has been quite open on that front. Any other accusations are just silly. He's covering this just as much as meltdown/spectre.
 
Joined
Jan 25, 2011
Messages
531 (0.10/day)
Location
Inside a mini ITX
System Name ITX Desktop
Processor Core i7 9700K
Motherboard Gigabyte Aorus Pro WiFi Z390
Cooling Arctic esports 34 duo.
Memory Corsair Vengeance LPX 16GB 3000MHz
Video Card(s) Gigabyte GeForce RTX 2070 Gaming OC White PRO
Storage Samsung 970 EVO Plus | Intel SSD 660p
Case NZXT H200
Power Supply Corsair CX Series 750 Watt
Handed out a couple of short bans, tired of seeing this kind of shitposting

I hope you take this as constructive criticism. As journalists, you're supposed to represent us when you do a Q&A with a company. I'd rate TPU's Q&A with the CTS labs much lower than Anandtech's . Focusing on technical details isn't an excuse for not asking questions about their motives, hyperbole and inaccuracies in the website they've created, their relationships with short-sellers and the way they've handled this whole thing. There's a reason why the readers are disappointed. If I just read TPU and no other tech news sources, I'd have probably believed viceroy reaserch's claim that AMD is doomed and their shares are worth $0. That's my 2 cents of finger wagging as a TPU reader of many years.
 
Last edited:
Joined
Jan 8, 2017
Messages
9,438 (3.27/day)
System Name Good enough
Processor AMD Ryzen R9 7900 - Alphacool Eisblock XPX Aurora Edge
Motherboard ASRock B650 Pro RS
Cooling 2x 360mm NexXxoS ST30 X-Flow, 1x 360mm NexXxoS ST30, 1x 240mm NexXxoS ST30
Memory 32GB - FURY Beast RGB 5600 Mhz
Video Card(s) Sapphire RX 7900 XT - Alphacool Eisblock Aurora
Storage 1x Kingston KC3000 1TB 1x Kingston A2000 1TB, 1x Samsung 850 EVO 250GB , 1x Samsung 860 EVO 500GB
Display(s) LG UltraGear 32GN650-B + 4K Samsung TV
Case Phanteks NV7
Power Supply GPS-750C
I gotta say , the dude types pretty fast. Pretty much the only noteworthy observation.

They already dug up their hole , there ain't no getting out of it.
 
Joined
Nov 18, 2010
Messages
7,558 (1.47/day)
Location
Rīga, Latvia
System Name HELLSTAR
Processor AMD RYZEN 9 5950X
Motherboard ASUS Strix X570-E
Cooling 2x 360 + 280 rads. 3x Gentle Typhoons, 3x Phanteks T30, 2x TT T140 . EK-Quantum Momentum Monoblock.
Memory 4x8GB G.SKILL Trident Z RGB F4-4133C19D-16GTZR 14-16-12-30-44
Video Card(s) Sapphire Pulse RX 7900XTX. Water block. Crossflashed.
Storage Optane 900P[Fedora] + WD BLACK SN850X 4TB + 750 EVO 500GB + 1TB 980PRO+SN560 1TB(W11)
Display(s) Philips PHL BDM3270 + Acer XV242Y
Case Lian Li O11 Dynamic EVO
Audio Device(s) SMSL RAW-MDA1 DAC
Power Supply Fractal Design Newton R3 1000W
Mouse Razer Basilisk
Keyboard Razer BlackWidow V3 - Yellow Switch
Software FEDORA 41
It still looks like...

sudo rm -rf /*

and actually it is a joke...
 
Joined
Jun 3, 2010
Messages
2,540 (0.48/day)
I hope you take this as constructive criticism. As journalists, you're supposed to represent us when you do a Q&A with a company. I'd rate TPU's Q&A with the CTS labs much lower than Anandtech's . Focusing on technical details isn't an excuse for not asking questions about their motives, hyperbole and inaccuracies in the website they've created, their relationships with short-sellers and the way they've handled this whole thing. There's a reason why the readers are disappointed. If I just read TPU and no other tech news sources, I'd have probably believed viceroy reaserch's claim that AMD is doomed and their shares are worth $0. That's my 2 cents of finger wagging as a TPU reader of many years.
Considering I'm a tech-hobbyist myself and having started following the media on TechPowerUp originally, the content isn't as engaging as it used to be. One-sided story-telling and sensational half-truths never passed before as the orthodox coverage here. Just my fair share of criticism given enough musing about the subject.
 

cadaveca

My name is Dave
Joined
Apr 10, 2006
Messages
17,232 (2.53/day)
As journalists

There are no journalists here on TPU. You are trying to hold us to a standard that doesn't exist. Anyone who says they are a journalist must hold a degree for that, and none of us do.

Yes, we have tech news aggregation. Yes, we cover popular topics. Yes, we have opinions. But just because we cover a news story doesn't mean we hold to the opinion presented in the story. What it actually means is that we value your opinion, and want to hear what you think about the subject, presented in the light it is given. It's not financially motivated, either... we just care about what you think, and want to hear what you have to say. So please, say it, but please don't misinterpret our intent.
 
Joined
Jan 8, 2017
Messages
9,438 (3.27/day)
System Name Good enough
Processor AMD Ryzen R9 7900 - Alphacool Eisblock XPX Aurora Edge
Motherboard ASRock B650 Pro RS
Cooling 2x 360mm NexXxoS ST30 X-Flow, 1x 360mm NexXxoS ST30, 1x 240mm NexXxoS ST30
Memory 32GB - FURY Beast RGB 5600 Mhz
Video Card(s) Sapphire RX 7900 XT - Alphacool Eisblock Aurora
Storage 1x Kingston KC3000 1TB 1x Kingston A2000 1TB, 1x Samsung 850 EVO 250GB , 1x Samsung 860 EVO 500GB
Display(s) LG UltraGear 32GN650-B + 4K Samsung TV
Case Phanteks NV7
Power Supply GPS-750C
You are trying to hold us to a standard that doesn't exist. Anyone who says they are a journalist must hold a degree for that, and none of us do.

Nice formal excuse. Why even say that ? I honestly can't tell if that was meant to be a joke of some sort.

Any entity covering news/rumors/interviews and showing it to a public counts as journalism.
 
Joined
Nov 13, 2007
Messages
10,772 (1.73/day)
Location
Austin Texas
System Name stress-less
Processor 9800X3D @ 5.42GHZ
Motherboard MSI PRO B650M-A Wifi
Cooling Thermalright Phantom Spirit EVO
Memory 64GB DDR5 6000 CL30-36-36-76
Video Card(s) RTX 4090 FE
Storage 2TB WD SN850, 4TB WD SN850X
Display(s) Alienware 32" 4k 240hz OLED
Case Jonsbo Z20
Audio Device(s) Yes
Power Supply Corsair SF750
Mouse DeathadderV2 X Hyperspeed
Keyboard 65% HE Keyboard
Software Windows 11
Benchmark Scores They're pretty good, nothing crazy.
I kind of like that TPU went purely technical... Everything out there tries to tell me how to think while being extremely vague on detail.

This was actually kind of refreshing - I learned quite a bit reading about these vulnerabilities.
 
Low quality post by Patriot
Joined
Oct 27, 2009
Messages
1,184 (0.21/day)
Location
Republic of Texas
System Name [H]arbringer
Processor 4x 61XX ES @3.5Ghz (48cores)
Motherboard SM GL
Cooling 3x xspc rx360, rx240, 4x DT G34 snipers, D5 pump.
Memory 16x gskill DDR3 1600 cas6 2gb
Video Card(s) blah bigadv folder no gfx needed
Storage 32GB Sammy SSD
Display(s) headless
Case Xigmatek Elysium (whats left of it)
Audio Device(s) yawn
Power Supply Antec 1200w HCP
Software Ubuntu 10.10
Benchmark Scores http://valid.canardpc.com/show_oc.php?id=1780855 http://www.hwbot.org/submission/2158678 http://ww
There are no journalists here on TPU. You are trying to hold us to a standard that doesn't exist. Anyone who says they are a journalist must hold a degree for that, and none of us do.

Yes, we have tech news aggregation. Yes, we cover popular topics. Yes, we have opinions. But just because we cover a news story doesn't mean we hold to the opinion presented in the story. What it actually means is that we value your opinion, and want to hear what you think about the subject, presented in the light it is given. It's not financially motivated, either... we just care about what you think, and want to hear what you have to say. So please, say it, but please don't misinterpret our intent.

https://en.wikipedia.org/wiki/Journalism Degree not required... you deliver the news and are therefore Journalists, even bloggers are considered journalists and as such must declare contributions and slants.

Edit, turns out the truth is dubbed low quality, time to find a new news site.
 
Last edited:
Low quality post by Xzibit
Joined
Apr 30, 2012
Messages
3,881 (0.84/day)
Nice formal excuse. Why even say that ? I honestly can't tell if that was meant to be a joke of some sort.

Any entity covering news/rumors/interviews and showing it to a public counts as journalism.

I found it funny. In more ways then one.

Picture TPU applying for Press Passes to the next Tech show or Product launch event and being declined by not having a "Degree".

Want the perks but none of the responsibility.
 

btarunr

Editor & Senior Moderator
Staff member
Joined
Oct 9, 2007
Messages
47,244 (7.54/day)
Location
Hyderabad, India
System Name RBMK-1000
Processor AMD Ryzen 7 5700G
Motherboard ASUS ROG Strix B450-E Gaming
Cooling DeepCool Gammax L240 V2
Memory 2x 8GB G.Skill Sniper X
Video Card(s) Palit GeForce RTX 2080 SUPER GameRock
Storage Western Digital Black NVMe 512GB
Display(s) BenQ 1440p 60 Hz 27-inch
Case Corsair Carbide 100R
Audio Device(s) ASUS SupremeFX S1220A
Power Supply Cooler Master MWE Gold 650W
Mouse ASUS ROG Strix Impact
Keyboard Gamdias Hermes E2
Software Windows 11 Pro

eidairaman1

The Exiled Airman
Joined
Jul 2, 2007
Messages
42,262 (6.64/day)
Location
Republic of Texas (True Patriot)
System Name PCGOD
Processor AMD FX 8350@ 5.0GHz
Motherboard Asus TUF 990FX Sabertooth R2 2901 Bios
Cooling Scythe Ashura, 2×BitFenix 230mm Spectre Pro LED (Blue,Green), 2x BitFenix 140mm Spectre Pro LED
Memory 16 GB Gskill Ripjaws X 2133 (2400 OC, 10-10-12-20-20, 1T, 1.65V)
Video Card(s) AMD Radeon 290 Sapphire Vapor-X
Storage Samsung 840 Pro 256GB, WD Velociraptor 1TB
Display(s) NEC Multisync LCD 1700V (Display Port Adapter)
Case AeroCool Xpredator Evil Blue Edition
Audio Device(s) Creative Labs Sound Blaster ZxR
Power Supply Seasonic 1250 XM2 Series (XP3)
Mouse Roccat Kone XTD
Keyboard Roccat Ryos MK Pro
Software Windows 7 Pro 64
It's obvious what cts is trying to do, so i denounce anything they do. I trust the developer of the arch on fixes before a 3rd party such as CTS.

I wonder if AMD might pursue a lawsuit for libel.
 

hat

Enthusiast
Joined
Nov 20, 2006
Messages
21,745 (3.30/day)
Location
Ohio
System Name Starlifter :: Dragonfly
Processor i7 2600k 4.4GHz :: i5 10400
Motherboard ASUS P8P67 Pro :: ASUS Prime H570-Plus
Cooling Cryorig M9 :: Stock
Memory 4x4GB DDR3 2133 :: 2x8GB DDR4 2400
Video Card(s) PNY GTX1070 :: Integrated UHD 630
Storage Crucial MX500 1TB, 2x1TB Seagate RAID 0 :: Mushkin Enhanced 60GB SSD, 3x4TB Seagate HDD RAID5
Display(s) Onn 165hz 1080p :: Acer 1080p
Case Antec SOHO 1030B :: Old White Full Tower
Audio Device(s) Creative X-Fi Titanium Fatal1ty Pro - Bose Companion 2 Series III :: None
Power Supply FSP Hydro GE 550w :: EVGA Supernova 550
Software Windows 10 Pro - Plex Server on Dragonfly
Benchmark Scores >9000
Each of these "vulnerabilities" seem overblown to me. A lot of these seem to rely on getting access to deeper systems which, in my opinion as an enthusiast, block people from doing whatever they want (I mean, I'd love to be able to edit my own Pascal GPU BIOS like I did in the old days). To actually be attacked with these particular vulnerabilities, you already have to be in a perfect storm of shit anyways. I'd be less worried about these vulnerabilities themselves and more worried about how somebody was able to compromise my systems to the point where these vulnerabilities became an option for them.

I also suspect ulterior motives myself given the nature of these CTS people and those connected to them. At best they seem to have found some vulnerabilities of questionable (in my opinion) severity (they're bad, but really hard to pull off) and are looking to profit from it. They're definitely not a legitimate security firm in my eyes, and their report is obviously made to benefit them, not to merely alert those concerned to the vulnerabilities.

That said, I've followed up on this for a while and read a lot of comments before immediately reaching for my e-torch and e-pitchfork... I don't dismiss the flaws as fake, rather overhyped because they would be very difficult to use in an actual attack against target systems. I also lump CTS in the came category as patent trolls and people who sue other people because their phone also has "rounded corners".
 
Last edited:
Joined
Oct 27, 2009
Messages
1,184 (0.21/day)
Location
Republic of Texas
System Name [H]arbringer
Processor 4x 61XX ES @3.5Ghz (48cores)
Motherboard SM GL
Cooling 3x xspc rx360, rx240, 4x DT G34 snipers, D5 pump.
Memory 16x gskill DDR3 1600 cas6 2gb
Video Card(s) blah bigadv folder no gfx needed
Storage 32GB Sammy SSD
Display(s) headless
Case Xigmatek Elysium (whats left of it)
Audio Device(s) yawn
Power Supply Antec 1200w HCP
Software Ubuntu 10.10
Benchmark Scores http://valid.canardpc.com/show_oc.php?id=1780855 http://www.hwbot.org/submission/2158678 http://ww
It's obvious what cts is trying to do, so i denounce anything they do. I trust the developer of the arch on fixes before a 3rd party such as CTS.

I wonder if AMD might pursue a lawsuit for libel.

Yup. It's a bug, its a flaw... but an exploit is something that gets you admin access, doesn't require it...
STH had a nice write-up on it from a legal perspective.
 
Joined
Jul 13, 2016
Messages
3,292 (1.07/day)
Processor Ryzen 7800X3D
Motherboard ASRock X670E Taichi
Cooling Noctua NH-D15 Chromax
Memory 32GB DDR5 6000 CL30
Video Card(s) MSI RTX 4090 Trio
Storage Too much
Display(s) Acer Predator XB3 27" 240 Hz
Case Thermaltake Core X9
Audio Device(s) Topping DX5, DCA Aeon II
Power Supply Seasonic Prime Titanium 850w
Mouse G305
Keyboard Wooting HE60
VR HMD Valve Index
Software Win 10
I hope you take this as constructive criticism. As journalists, you're supposed to represent us when you do a Q&A with a company. I'd rate TPU's Q&A with the CTS labs much lower than Anandtech's . Focusing on technical details isn't an excuse for not asking questions about their motives, hyperbole and inaccuracies in the website they've created, their relationships with short-sellers and the way they've handled this whole thing. There's a reason why the readers are disappointed. If I just read TPU and no other tech news sources, I'd have probably believed viceroy reaserch's claim that AMD is doomed and their shares are worth $0. That's my 2 cents of finger wagging as a TPU reader of many years.

CTS labs may have multiple motives but what we know for sure it that they were paid quite a bit to look into these issues and that they will not reveal their client or even the industry that their client is in. I mean they spent $14,000 just to validate their exploits.

So honestly from what we know: They tried to act altruistic in their original disclosure all the while doing a hit and run on AMD. Their legal disclaimer directly contradicted that and they definitely received money for the job done in addition to leaking information to short sellers, possibly getting extra cash in that manner as well.

The security community agrees as well. Any future work by these guys is going to be tained by "well who's paying them this time?". I would not be surprised at all if this is the last public report this company does. They would be far better off creating a new company and trying to trick people that way.
 
Joined
Jul 5, 2013
Messages
27,860 (6.69/day)
And TPU apparently lol.
Tpu has dug itself into the hole to the point that they have no option but to cover this or else they will admit they were wrong in covering that 1st story without any research.
I held TPU to higher quality previously.
This TPU bashing crap needs to stop. Bashing CTS for for what you perceive as various wrongs is one thing. Bashing TPU staff and the founder for reporting actual industry news is quite another. They are doing their job. Nothing more, nothing less. If you people can't figure out that very simple concept, then maybe this isn't someplace for you to be.

Edit; just watched that video. This is, as demonstrated, not insignificant. This is serious and can be done quickly as the video shows.
 
Last edited:
Joined
Feb 27, 2005
Messages
179 (0.02/day)
Processor Intel Core i7 6700K @ 4,8 GHz
Motherboard Asus Z170 Pro Gaming
Cooling Alpenfön Brocken 2
Memory 32 GB G.Skill DDR4-3000
Video Card(s) Asus DirectCU II R290
Storage 1 TB HD + 180 GB SSD + 500 GB SSD
Display(s) Philips BDM4065 39,95" Ultra-HD
Case Antec P280
Audio Device(s) Onboard HD sound on 5.1 system
Power Supply Silverstone SST-ST85F-GS Strider Gold Series - 850 Watt
Software Windows 10 Pro x64
Edit; just watched that video. This is, as demonstrated, not insignificant. This is serious and can be done quickly as the video shows.

No, it is not serious. If you are already in a privilidged shell, nothing else matters anymore. Not the OS, not the CPU. The system is yours. With or without flaws. And I expect a well regarded website like TPU to point that out to readers.
 
Joined
Jul 5, 2013
Messages
27,860 (6.69/day)
No, it is not serious.
That is only your misinformed opinion. When the company effected by these problems commits resources to releasing full bios revisions for said problems, they are automatically qualified as serious.
If you are already in a privileged shell, nothing else matters anymore. Not the OS, not the CPU. The system is yours. With or without flaws. And I expect a well regarded website like TPU to point that out to readers.
Thanks for the tip. Because really, that hasn't been mentioned already by other users... :rolleyes:
This constant and pathetically lame referencing to "priviledged shell" or "admin authority" and whatnot is not the issue certain "people" are trying(and failing) to make it out to be. Finding systems on a network that have admin is not a difficult task, nor is artificially granting admin to a system that doesn't have it. If you don't understand these points, you have the problem.
 
Last edited:
Joined
Apr 30, 2012
Messages
3,881 (0.84/day)
Edit; just watched that video. This is, as demonstrated, not insignificant. This is serious and can be done quickly as the video shows.

The people who got payed $14,000 by CTS-Labs differ with you.

TOB said:
There is no immediate risk of exploitation of these vulnerabilities for most users. Even if the full details were published today, attackers would need to invest significant development efforts to build attack tools that utilize these vulnerabilities. This level of effort is beyond the reach of most attackers
 
Joined
Oct 2, 2004
Messages
13,791 (1.87/day)
The reason they slowly drag out videos is to keep their relevancy up. Why release it all at once if you can drag your name through news for weeks and months. CTS Labs is shit. For a bunch of smart people they act really dumb.
 
Joined
Jul 5, 2013
Messages
27,860 (6.69/day)
There is no immediate risk of exploitation of these vulnerabilities for most users. Even if the full details were published today, attackers would need to invest significant development efforts to build attack tools that utilize these vulnerabilities. This level of effort is beyond the reach of most attackers
Most not all. The majority of the script-kiddies out there are of little concern, true, but it's the ones with real skills that are of concern. And there are a lot of them. Do you want to be the nitwit who told their boss it was nothing to worry about and then was victimized by the very same problem? You'd be out of a job so fast it would make your head spin. EVERY vulnerability like this is a serious vulnerability which requires serious attention and consideration. It would be irresponsible, negligent, reckless and unprofessional to treat this with less seriousness than any other system cracking vulnerability.
The reason they slowly drag out videos is to keep their relevancy up. Why release it all at once if you can drag your name through news for weeks and months. CTS Labs is shit. For a bunch of smart people they act really dumb.
Enough with the FUD. Try taking off the tin hat and seeing the problems for what they are.
 
Joined
Apr 30, 2012
Messages
3,881 (0.84/day)
Most not all. The majority of the script-kiddies out there are of little concern, true, but it's the ones with real skills that are of concern. And there are a lot of them. Do you want to be the nitwit who told their boss it was nothing to worry about and then was victimized by the very same problem? You'd be out of a job so fast it would make your head spin. EVERY vulnerability like this is a serious vulnerability which requires serious attention and consideration. It would be irresponsible, negligent, reckless and unprofessional to treat this with less seriousness than any other system cracking vulnerability.

Drama much?

People in such positions wouldn't be screaming the sky is falling either or running to replace the entire network when ever they get whim of a new exploit.

Lets weight this one out. Forum warriors screaming the sky is falling vs Security firm with 6yrs experience in the industry that got payed to review it with all the tools. Hmm.. tough call >Sarcasm<
 
Joined
Sep 6, 2013
Messages
3,340 (0.81/day)
Location
Athens, Greece
System Name 3 desktop systems: Gaming / Internet / HTPC
Processor Ryzen 5 5500 / Ryzen 5 4600G / FX 6300 (12 years latter got to see how bad Bulldozer is)
Motherboard MSI X470 Gaming Plus Max (1) / MSI X470 Gaming Plus Max (2) / Gigabyte GA-990XA-UD3
Cooling Νoctua U12S / Segotep T4 / Snowman M-T6
Memory 32GB - 16GB G.Skill RIPJAWS 3600+16GB G.Skill Aegis 3200 / 16GB JUHOR / 16GB Kingston 2400MHz (DDR3)
Video Card(s) ASRock RX 6600 + GT 710 (PhysX)/ Vega 7 integrated / Radeon RX 580
Storage NVMes, ONLY NVMes/ NVMes, SATA Storage / NVMe boot(Clover), SATA storage
Display(s) Philips 43PUS8857/12 UHD TV (120Hz, HDR, FreeSync Premium) ---- 19'' HP monitor + BlitzWolf BW-V5
Case Sharkoon Rebel 12 / CoolerMaster Elite 361 / Xigmatek Midguard
Audio Device(s) onboard
Power Supply Chieftec 850W / Silver Power 400W / Sharkoon 650W
Mouse CoolerMaster Devastator III Plus / CoolerMaster Devastator / Logitech
Keyboard CoolerMaster Devastator III Plus / CoolerMaster Devastator / Logitech
Software Windows 10 / Windows 10&Windows 11 / Windows 10
but it's the ones with real skills that are of concern
They are probably busy trying to bypass the latest Meltdown and Spectre patches, or find other vulnerabilities, because all big corporations/banks/whatever and all governments are still using equipment based on Intel CPUs.

EVERY vulnerability like this is a serious vulnerability
It's only serious because CTS gave no time to AMD to prepare patches before the info gone public. But it's not as serious as Meltdown was and let's not forget that Intel had to work for a couple of more months after Meltdown was known to prepare patches for older CPUs and fix some of the first patches that where leading to system instability. I wonder if there where IT heads spinning when Meltdown was gone public and until the date Intel gave stable patches for all latest generation CPUs. Also in the case of ASmedia we have no reply from Intel, motherboard manufacturers or ASMedia itself, as fas as I know, so probably some heads are still spinning, while trying to disable throught the BIOS, ASMedia chips on board of Intel motherboards.
 
Joined
Jul 5, 2013
Messages
27,860 (6.69/day)
Drama much?
Only responding to your comment. I didn't start it.
People in such positions wouldn't be screaming the sky is falling either or running to replace the entire network when ever they get whim of a new exploit.
Perhaps not, but what they will do is fix the problem by updating the affected systems and review their network security SOP's, looking for and implementing better methodologies as needed. No network is perfect and there is always room for improvement. These vulnerabilities serve as yet another wake-up-call to the dangers that exist in the technological world and why it is important to stay on top of your game.
Forum warriors screaming the sky is falling
No one is screaming the "the sky is falling". Us "forum warriors" are advocating that these problems are to be taken seriously. Anything less would be...
irresponsible, negligent, reckless and unprofessional
 
Top