AMD APUs Affected by SMM Callout Privilege Escalation Security Vulnerability
#1
Exclamation 
Quote:
[Image: GsqzdCGKm9fGBPS4Xnyzpn-970-80.jpg]

AMD is distributing the fix.

Yesterday, AMD disclosed the SMM Callout Privilege Escalation (CVE-2020-12890) vulnerability that affects the chipmaker's client and embedded APUs that came out between 2016 and 2019.

SMM Callout Privilege Escalation, which security research Danny Odler discovered, enables an attacker with physical or administrative access to the victim system to manipulate the AMD Generic Encapsulated Software Architecture (AGESA) microcode inside the motherboard's firmware. This allows for the execution of malicious code that's not detectable by the operating system. 
  
Luckily, this vulnerability can be mitigated with a simple microcode update, which seemingly doesn't bear a performance impact on the system. AMD has already distributed updated versions of its AGESA microcodes to its motherboard partners and will deliver the remaining versions by the end of this month. 

As usual, AMD recommends users to update their systems to the latest firmware once it's available.
...
Continue Reading
[-] The following 1 user says Thank You to harlan4096 for this post:
  • silversurfer
Reply


Messages In This Thread
AMD APUs Affected by SMM Callout Privilege Escalation Security Vulnerability - by harlan4096 - 19 June 20, 07:04

Forum Jump:


Users browsing this thread: 2 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:





[-]
Recent Posts
QOwnNotes 19.1.6
24.12.4 The wel...Kool — 12:56
INTEL Arc Graphics 32.0.101.6325/6253 dr...
Highlights Fix...harlan4096 — 11:06
GFYI [Official] Revo Uninstaller Pro v5...
"Share feedback...damien76 — 09:01
GFYI [Official] SpyShelter PRO v15 Chri...
Merry Christmas and ...damien76 — 08:56
GFYI [Official] IObit Christmas 2024 Bl...
Merry Christmas and ...damien76 — 08:54

[-]
Birthdays
Today's Birthdays
No birthdays today.
Upcoming Birthdays
No upcoming birthdays.

[-]
Online Staff
There are no staff members currently online.

>