Researchers warn that a bug in AMD’s chips would allow attackers to root into some of the most privileged portions of a computer—and that it has persisted in the company’s processors for decades.
  • Avid Amoeba@lemmy.caEnglish
    128·
    2 months ago

    Requires kernel-level access. Also AMD is “releasing mitigations,” so is it “unfixable?”

    • Drathro@dormi.zoneEnglish
      70·
      2 months ago

      I think they meant it as “once infected may be impossible to disinfect.” But it sure doesn’t read that way at first glance.

      • WHYAREWEALLCAPS@fedia.io
        171·
        2 months ago

        Did they change it? Because now it says “Allows Deep, Virtually Unfixable Infections” and that seems to say exactly what you are.

        • psud@lemmy.worldEnglish
          4·
          2 months ago

          Surely one could use the same exploit to restore the original boot code as the malware used to corrupt it

    • Bjornir@programming.devEnglish
      422·
      2 months ago

      If you have kernel access you can already do almost everything so a vulnerability on top of that isn’t that bad since no one should have kernel access to your computer

      • floofloof@lemmy.caEnglish
        17·
        2 months ago

        It means that a malicious actor would already need to have hacked your computer quite deeply through some other vulnerability (or social engineering) before they could take advantage of this one. But I don’t agree with another commenter here that this is a “nothingburger”: this vulnerability enables such a hacker to leave undetectable malware that you just can’t remove from the computer even if you replace everything but the motherboard. That’s significant, particularly for anyone who might be a target of cyber-espionage.