Jump to content
NotebookTalk

Amd and Intel's security flaws and security vulnerabilities. The chosen one ISN'T BETTER THAN THE OTHER.


Papusan

Recommended Posts

Do you remember a few years ago when everyone panicked over a couple of security flaws known as Meltdown and Spectre? These were a new type of security hole altogether, known as speculative execution flaws because they exploit the so-named capability of modern processors. That was back in 2018, and since then, every tech company under the sun has issued patches, firmware updates, and other guidance to mitigate the danger of these attacks.
 
So that's all over and dealt with, right? Well... not exactly. As it turns out, one of the major mitigations deployed against Spectre, known as "retpoline", isn't actually as helpful as we thought. A new flaw, known as "retbleed", has been discovered by researchers at ETH Zurich. Retbleed evades earlier protections against a specific form of the Spectre vulnerability, including machines using the retpoline mitigation..
 
Both AMD and Intel say that they're not aware of anyone making use of these vulnerabilities in the wild, but patches aren't available yet. When they do become available, they may come with a performance hit of as much as 28%. Hopefully some clever coders will come up with a way to mitigate that performance loss.
 
Microsoft try push you over on new hardware so you can enjoy their latest and most secure OS. Same do the HW manufacturers. They know they later have to patch flaws they have added to try optimize for better performance. Give with one hand and then take it back with the other hands. Or just hope you buy their newest and safer products that will suffer same mess after a couple of years. Why not just stop optimize for performance when you know you have to take it back later?
  • Thumb Up 1
  • Like 1

"The Killer"  ASUS ROG Z790 Apex Encore | 14900KS | 4090 HOF + 20 other graphics cards | 32GB DDR5 | Be Quiet! Dark Power Pro 12 - 1500 Watt | Second PSU - Cooler Master V750 SFX Gold 750W (For total of 2250W Power) | Corsair Obsidian 1000D | Custom Cooling | Asus ROG Strix XG27AQ 27" Monitors |

 

                                               Papusan @ HWBOTTeam PremaMod @ HWBOT | Papusan @ YouTube Channel

                             

 

Link to comment
Share on other sites

  • Papusan changed the title to Amd and Intel's security flaws and security vulnerabilities. The chosen one ISN'T BETTER THAN THE OTHER.
  • 2 weeks later...

Meh... I rather agree with the sentiments expressed in this article:
https://www.extremetech.com/computing/337005-researchers-found-an-unpatchable-security-flaw-in-apples-m1-and-you-probably-dont-need-to-care

 

The amount of energy and drama expended seems out of proportion to the actual risks, and mainly only serves to keep IT professionals and tech writers employed as far as I can see. How many people do you know who have been impacted by any of these things? Over the entirety of the past decade, I know one person who got a minor virus, one person who was targeted by a social hack with no ill-results, and two people who have had their WhatsApp accounts hacked (and well, if you're still using WhatsApp, lol...). Social engineering is by far the most common form of attack these days, and renders most of the underlying technical issues completely moot.

  • Thumb Up 2
Link to comment
Share on other sites

2 hours ago, Ishatix said:

Meh... I rather agree with the sentiments expressed in this article:
https://www.extremetech.com/computing/337005-researchers-found-an-unpatchable-security-flaw-in-apples-m1-and-you-probably-dont-need-to-care

 

The amount of energy and drama expended seems out of proportion to the actual risks, and mainly only serves to keep IT professionals and tech writers employed as far as I can see. How many people do you know who have been impacted by any of these things? Over the entirety of the past decade, I know one person who got a minor virus, one person who was targeted by a social hack with no ill-results, and two people who have had their WhatsApp accounts hacked (and well, if you're still using WhatsApp, lol...). Social engineering is by far the most common form of attack these days, and renders most of the underlying technical issues completely moot.

true, drama sells clicks n views. but still, better to be aware than be caught off guard.

  • Thumb Up 3

Mine: Hyperion "Titan God of Heat, Heavenly Light, Power" (2022-24)
AMD Ryzen 9 7950X (TG High Perf. IHS) / Asus ROG Crosshair X670E Extreme / MSI Geforce RTX 4090 Suprim X / Teamgroup T-Force Delta RGB DDR5-8200 2x24 GB / Seagate Firecuda 530 4 TB / 5x Samsung 860 Evo 4 TB / Arctic Liquid Freezer II 420 (Push/Pull 6x Noctua NF-A14 IndustrialPPC-3000 intake) / Seasonic TX-1600 W Titanium / Phanteks Enthoo Pro 2 TG (3x Arctic P12 A-RGB intake / 4x Arctic P14 A-RGB exhaust / 1x Arctic P14 A-RGB RAM cooling) / Samsung Odyssey Neo G8 32" 4K 240 Hz / Ducky One 3 Daybreak Fullsize Cherry MX Brown / Corsair M65 Ultra RGB / PDP Afterglow Wave Black / Beyerdynamic DT 770 Pro X Limited Edition

 

My Lady's: Clevo NH55JNNQ "Alfred" (2022-24)
Sharp LQ156M1JW03 FHD matte 15.6" IGZO 8 bit @248 Hz / Intel Core i5 12600 / Nvidia Geforce RTX 3070 Ti / Mushkin Redline DDR4-3200 2x32 GB / Samsung 970 Pro 1 TB / Samsung 870 QVO 8 TB / Intel AX201 WIFI 6+BT 5.2 / Win 11 Pro Phoenix Lite OS / 230 W PSU powered by Prema Mod!

Link to comment
Share on other sites

  • 5 months later...

It seem AMD collect vulnerabilities and prefer push out patches after they have released new products. This time patched only 31 vulnerabilities 🙂

 

And yes, Intel follows the same path. But stop the talk about who is best in the class. They are both equal dishonest and both have to implement vulnerabilities to make their products to show better perfomance. Then they have to fix their own created mess with patches after they have been discovered with the panths down. This is classic. Give something with the left hand then backtack it later with the right hand. They should stop implement code to show their products in better lights. 

 

On 7/26/2022 at 10:45 PM, jaybee83 said:

true, drama sells clicks n views.

Not always😎 AMD try avoid drama. Drama can reduce sales😎 They usually hide what is patched in newer firmware. And they don't patch before they have to.

 

"AMD quietly divulged 31 new CPU vulnerabilities" in a January update, spanning its Ryzen chips for consumers and the EPYC data center processors. The vulnerability update also includes a list of AGESA versions, with mitigations for the impacted processors. 

 

Quetly fix the vulnerabilities then throw it out. The end results will sometimes end as this.. Angry owners of their modern HW.

image.png.95608d960cc4c85aceed45870b829b2f.png

  • Thumb Up 2

"The Killer"  ASUS ROG Z790 Apex Encore | 14900KS | 4090 HOF + 20 other graphics cards | 32GB DDR5 | Be Quiet! Dark Power Pro 12 - 1500 Watt | Second PSU - Cooler Master V750 SFX Gold 750W (For total of 2250W Power) | Corsair Obsidian 1000D | Custom Cooling | Asus ROG Strix XG27AQ 27" Monitors |

 

                                               Papusan @ HWBOTTeam PremaMod @ HWBOT | Papusan @ YouTube Channel

                             

 

Link to comment
Share on other sites

  • 6 months later...

AMD 'Zenbleed' Bug Allows Data Theft From Zen 2 Processors, Patches ComingA huge Zen 2 leak requires a patch.

 

[Update 9:15am PT: AMD told us that patches to prevent Zenbleed are available for its EPYC Rome processors, but hasn't said if they are available for the impacted consumer Ryzen CPUs. AMD also hasn't given an ETA for patches for Ryzen chips or responded to our questions about potential performance impacts from the Zenbleed patches. We're still working to learn more.]

 

The 'Zenbleed' vulnerability spans the entire Zen 2 product stack, including AMD's EPYC data center processors and the Ryzen 3000 CPUs, allowing the theft of protected information from the CPU, such as encryption keys and user logins. The attack does not require physical access to the computer or server and can even be executed via javascript on a webpage.

 

Update. AMD's statement implies there will be some performance impact from the patches, but we'll have to conduct independent benchmarks when the patches arrive for the consumer Ryzen products. In the meantime, we've asked AMD for any ballpark figures it can share.

 

 

According to Ormandy, all Zen 2 CPUs are impacted, including the EPYC Rome processors:

  • AMD Ryzen 3000 Series Processors
  • AMD Ryzen PRO 3000 Series Processors
  • AMD Ryzen Threadripper 3000 Series Processors
  • AMD Ryzen 4000 Series Processors with Radeon Graphics
  • AMD Ryzen PRO 4000 Series Processors
  • AMD Ryzen 5000 Series Processors with Radeon Graphics
  • AMD Ryzen 7020 Series Processors with Radeon Graphics
  • AMD EPYC “Rome” Processors

 

Not what the fanboys want to hear. But the AMD engineers is spot on.... from the security bulletins.  "Any computer system" has risks of security vulnerabilities that cannot be completely prevented or mitigated

 

And nice to see that AMD don't bother release a new patch before end of 2023 for their consumer chips. This means you still can have the same Cpu performance another 4 or 5 months 🙂

  • Thumb Up 2

"The Killer"  ASUS ROG Z790 Apex Encore | 14900KS | 4090 HOF + 20 other graphics cards | 32GB DDR5 | Be Quiet! Dark Power Pro 12 - 1500 Watt | Second PSU - Cooler Master V750 SFX Gold 750W (For total of 2250W Power) | Corsair Obsidian 1000D | Custom Cooling | Asus ROG Strix XG27AQ 27" Monitors |

 

                                               Papusan @ HWBOTTeam PremaMod @ HWBOT | Papusan @ YouTube Channel

                             

 

Link to comment
Share on other sites

  • 3 weeks later...
The Red pill.....
AMD is not aware of any Inception exploits outside of security research circles.

 

AMD 'Inception' Vulnerability Affects Zen 3 and 4

 

Unfortunately for AMD and its users, Inception affects the latest AMD Ryzen processor families based on Zen 3 and Zen 4 cores — across data center, desktop, HEDT, and mobile. However, we must be thankful that, as details of Inception go live, mitigations are in the pipeline.

 

 

The Blue pill.....

Sky Lake through Tiger Lake/Ice Lake affected.
 

Intel 'Downfall' Bug Steals Encryption Keys, Data From Years of CPUs

 

A new security vulnerability, called Downfall, was revealed today by Intel and the researcher who discovered it, Daniel Moghimi. The new attack uses Gather Data Sampling to steal data and other sensitive information from other users on a computer with Intel processors from 2015 through 2019 ranging from sixth gen Skylake through eleventh gen Rocket Lake and Tiger Lake.

  • Thumb Up 3

"The Killer"  ASUS ROG Z790 Apex Encore | 14900KS | 4090 HOF + 20 other graphics cards | 32GB DDR5 | Be Quiet! Dark Power Pro 12 - 1500 Watt | Second PSU - Cooler Master V750 SFX Gold 750W (For total of 2250W Power) | Corsair Obsidian 1000D | Custom Cooling | Asus ROG Strix XG27AQ 27" Monitors |

 

                                               Papusan @ HWBOTTeam PremaMod @ HWBOT | Papusan @ YouTube Channel

                             

 

Link to comment
Share on other sites

One more.... But for older Zen chips.  AMD Zen 1 Vulnerability Emerges, Dividing by 0 Can Leak Sensitive Data

 

Despite the fact that AMD's Zen 1 architecture is immune to the recent 'Inception' vulnerability affecting modern Zen 3 and Zen 4 CPUs, another vulnerability has been found that affects Zen 1 CPUs specifically. According to a report by Phoronix, a new Zen 1 vulnerability was found that can release potentially sensitive data if the CPU divides an integer calculation by the number 0 in Linux operating systems.

 

Thankfully the issue appears to be Linux-specific and does not affect Windows operating systems. Plus the vulnerability is already being actively patched for Linux users. However, the same cannot be said of the two other vulnerabilities affecting modern AMD CPUs and Intel CPUs, Inception and Downfall, right now.

  • Thumb Up 3

"The Killer"  ASUS ROG Z790 Apex Encore | 14900KS | 4090 HOF + 20 other graphics cards | 32GB DDR5 | Be Quiet! Dark Power Pro 12 - 1500 Watt | Second PSU - Cooler Master V750 SFX Gold 750W (For total of 2250W Power) | Corsair Obsidian 1000D | Custom Cooling | Asus ROG Strix XG27AQ 27" Monitors |

 

                                               Papusan @ HWBOTTeam PremaMod @ HWBOT | Papusan @ YouTube Channel

                             

 

Link to comment
Share on other sites

Yep. You'll never get what you paid for. Scummy. First they offer better performance then later they'll have to take it back. 

 

The Blue pill.

AMD's Inception Fix Causes Up to 54% Performance Drop

 

 

 

 

And here is AMD's second problem..... It's Zen time 🙂 Maybe 3rd time have it's charm.

 

Red exclamation point in a triangle above 1's and 0's.
  • Thumb Up 2

"The Killer"  ASUS ROG Z790 Apex Encore | 14900KS | 4090 HOF + 20 other graphics cards | 32GB DDR5 | Be Quiet! Dark Power Pro 12 - 1500 Watt | Second PSU - Cooler Master V750 SFX Gold 750W (For total of 2250W Power) | Corsair Obsidian 1000D | Custom Cooling | Asus ROG Strix XG27AQ 27" Monitors |

 

                                               Papusan @ HWBOTTeam PremaMod @ HWBOT | Papusan @ YouTube Channel

                             

 

Link to comment
Share on other sites

  • 2 months later...

CPU VULNERABILITY Intel is said to have known about Downfall as early as 2018

Plaintiffs accuse Intel of having known about security problems five years ago, which ultimately led to Downfall.....

  • Thumb Up 2

"The Killer"  ASUS ROG Z790 Apex Encore | 14900KS | 4090 HOF + 20 other graphics cards | 32GB DDR5 | Be Quiet! Dark Power Pro 12 - 1500 Watt | Second PSU - Cooler Master V750 SFX Gold 750W (For total of 2250W Power) | Corsair Obsidian 1000D | Custom Cooling | Asus ROG Strix XG27AQ 27" Monitors |

 

                                               Papusan @ HWBOTTeam PremaMod @ HWBOT | Papusan @ YouTube Channel

                             

 

Link to comment
Share on other sites

  • Thumb Up 2
  • Like 1

"The Killer"  ASUS ROG Z790 Apex Encore | 14900KS | 4090 HOF + 20 other graphics cards | 32GB DDR5 | Be Quiet! Dark Power Pro 12 - 1500 Watt | Second PSU - Cooler Master V750 SFX Gold 750W (For total of 2250W Power) | Corsair Obsidian 1000D | Custom Cooling | Asus ROG Strix XG27AQ 27" Monitors |

 

                                               Papusan @ HWBOTTeam PremaMod @ HWBOT | Papusan @ YouTube Channel

                             

 

Link to comment
Share on other sites

  • 2 months later...

A new vulnerability affecting Apple, AMD, and Qualcomm GPUs could expose AI data

Some affected devices have already been patched, but many more are still vulnerable...
 
Based on extensive research, the group found GPUs made by AMD, Apple, and Qualcomm are vulnerable to this attack. Researchers could not find flaws in Intel, Nvidia, Arm, or Imagination GPUs....
  • Thumb Up 2

"The Killer"  ASUS ROG Z790 Apex Encore | 14900KS | 4090 HOF + 20 other graphics cards | 32GB DDR5 | Be Quiet! Dark Power Pro 12 - 1500 Watt | Second PSU - Cooler Master V750 SFX Gold 750W (For total of 2250W Power) | Corsair Obsidian 1000D | Custom Cooling | Asus ROG Strix XG27AQ 27" Monitors |

 

                                               Papusan @ HWBOTTeam PremaMod @ HWBOT | Papusan @ YouTube Channel

                             

 

Link to comment
Share on other sites

  • 4 weeks later...

AMD discloses slew of high severity security vulnerabilities for Zen chips that attack BIOS chips — updates aim to patch bugs, finally fix Zenbleed

 

Update your BIOS ASAP. Hmmm. Here as well. Follow same procedure as with Windows security patches. Don't be the guinea pig.

  • Thumb Up 1

"The Killer"  ASUS ROG Z790 Apex Encore | 14900KS | 4090 HOF + 20 other graphics cards | 32GB DDR5 | Be Quiet! Dark Power Pro 12 - 1500 Watt | Second PSU - Cooler Master V750 SFX Gold 750W (For total of 2250W Power) | Corsair Obsidian 1000D | Custom Cooling | Asus ROG Strix XG27AQ 27" Monitors |

 

                                               Papusan @ HWBOTTeam PremaMod @ HWBOT | Papusan @ YouTube Channel

                             

 

Link to comment
Share on other sites

  • 1 month later...

Yup. Everyone hoped that Apple could make it better than Intel. 

 

The security analysts confirmed the exploit, dubbed GoFetch, works on M1 CPUs and speculate that it likely also impacts M2 and M3 chips and their Pro and Max variants. Intel's 13th-generation Raptor Lake processors also exhibit the flaw that enables GoFetch but are probably unaffected.

 

giphy.gif

 

Unpatchable Apple Silicon vulnerability could leak encryption keys

In brief: Hardware-based security flaws have become more frequent over the last several years but have mostly affected Intel and AMD processors. Now, Apple joins those ranks with a recently discovered vulnerability that causes Mac M-series CPUs to expose encryption keys. Since it is hardware-based, there is little users can do besides keeping macOS updated.
  • Thumb Up 2

"The Killer"  ASUS ROG Z790 Apex Encore | 14900KS | 4090 HOF + 20 other graphics cards | 32GB DDR5 | Be Quiet! Dark Power Pro 12 - 1500 Watt | Second PSU - Cooler Master V750 SFX Gold 750W (For total of 2250W Power) | Corsair Obsidian 1000D | Custom Cooling | Asus ROG Strix XG27AQ 27" Monitors |

 

                                               Papusan @ HWBOTTeam PremaMod @ HWBOT | Papusan @ YouTube Channel

                             

 

Link to comment
Share on other sites

  • 1 month later...

AMD finally patches gaping Zenbleed security hole — MSI releases AGESA 1.2.0.Ca BIOS update for Zen 2

 

AMD did not state if this new security update impacts performance. When we tested Zenbleed fixes previously, we found that while gaming was unaffected, other performance could drop as much as 15%.

  • Thumb Up 1

"The Killer"  ASUS ROG Z790 Apex Encore | 14900KS | 4090 HOF + 20 other graphics cards | 32GB DDR5 | Be Quiet! Dark Power Pro 12 - 1500 Watt | Second PSU - Cooler Master V750 SFX Gold 750W (For total of 2250W Power) | Corsair Obsidian 1000D | Custom Cooling | Asus ROG Strix XG27AQ 27" Monitors |

 

                                               Papusan @ HWBOTTeam PremaMod @ HWBOT | Papusan @ YouTube Channel

                             

 

Link to comment
Share on other sites

  • 1 month later...

How can you make secure hardware when you can't secure your own network? Maybe AMD used own hardware? Or own home brewed AI software😀

 

This is not AMD's first encounter with cybersecurity challenges. In 2022, the company was targeted by the RansomHouse hacking group, which also claimed to have extracted data from AMD's networks. That incident led to an extensive investigation by AMD to assess the damage and bolster its security measures. 

  • Thumb Up 1

"The Killer"  ASUS ROG Z790 Apex Encore | 14900KS | 4090 HOF + 20 other graphics cards | 32GB DDR5 | Be Quiet! Dark Power Pro 12 - 1500 Watt | Second PSU - Cooler Master V750 SFX Gold 750W (For total of 2250W Power) | Corsair Obsidian 1000D | Custom Cooling | Asus ROG Strix XG27AQ 27" Monitors |

 

                                               Papusan @ HWBOTTeam PremaMod @ HWBOT | Papusan @ YouTube Channel

                             

 

Link to comment
Share on other sites

Firmware flaw affects numerous generations of Intel CPUs

Eclypsium Automata uncovers Phoenix as the latest to fall to a significant Arbitrary Code Execution exploit impacting Lenovo, AMI, Insyde, and Intel motherboard firmware.

  • Thumb Up 1

"The Killer"  ASUS ROG Z790 Apex Encore | 14900KS | 4090 HOF + 20 other graphics cards | 32GB DDR5 | Be Quiet! Dark Power Pro 12 - 1500 Watt | Second PSU - Cooler Master V750 SFX Gold 750W (For total of 2250W Power) | Corsair Obsidian 1000D | Custom Cooling | Asus ROG Strix XG27AQ 27" Monitors |

 

                                               Papusan @ HWBOTTeam PremaMod @ HWBOT | Papusan @ YouTube Channel

                             

 

Link to comment
Share on other sites

  • 1 month later...

Almost cannot be fixed, say researchers....

 

 

'Sinkclose' is the name of a recently discovered major security vulnerability that affects virtually all of AMD's processors released since 2006. This flaw allows attackers to deeply infiltrate a system, making it extremely difficult to detect or remove malicious software. The issue is so severe that, in some cases, it may be easier to abandon an infected machine than to repair it, reports Wired

There is good news, though: since it has not been discovered for 18 years, it likely hasn't been used. Also, AMD is patching its platforms to protect them, though not all affected processors have received a patch yet.  

 

 

  • Thumb Up 1

"The Killer"  ASUS ROG Z790 Apex Encore | 14900KS | 4090 HOF + 20 other graphics cards | 32GB DDR5 | Be Quiet! Dark Power Pro 12 - 1500 Watt | Second PSU - Cooler Master V750 SFX Gold 750W (For total of 2250W Power) | Corsair Obsidian 1000D | Custom Cooling | Asus ROG Strix XG27AQ 27" Monitors |

 

                                               Papusan @ HWBOTTeam PremaMod @ HWBOT | Papusan @ YouTube Channel

                             

 

Link to comment
Share on other sites

 
 "There are some older products that are outside our software support window." AMD has no plans to update its Ryzen 1000, 2000, and 3000 series processors or its Threadripper 1000 and 2000 models.
 
In short. AMD processors released as late as late 2019 is too old to be patched. Yup, AMD care about their customers (corporate, governments and vanilla PC consumers). 
 
Sinkclose evades antiviruses and "persists even after OS reinstall".
  • Thumb Up 1

"The Killer"  ASUS ROG Z790 Apex Encore | 14900KS | 4090 HOF + 20 other graphics cards | 32GB DDR5 | Be Quiet! Dark Power Pro 12 - 1500 Watt | Second PSU - Cooler Master V750 SFX Gold 750W (For total of 2250W Power) | Corsair Obsidian 1000D | Custom Cooling | Asus ROG Strix XG27AQ 27" Monitors |

 

                                               Papusan @ HWBOTTeam PremaMod @ HWBOT | Papusan @ YouTube Channel

                             

 

Link to comment
Share on other sites

  • 2 weeks later...

A "secure" system (actually a myth) that doesn't do what you want it to do is worthless. Function and performance always trump security as far as I am concerned. All the patches and security fixes in the world won't fix the DIMM-wit using the keyboard. (Yeah, you saw what I did there, LOL.)

 

The biggest security risk with any computer is a stupid user.

 

Simple fix... for unwanted updates, not for stupid users or stupid employees working on the Windoze Support Team (can't fix stupid)... just tweak the registry and hit "Advanced options" on the Windoze Updates page in settings and delay them for 10 years. Hint: You'll need to scroll a LOOOONG way down to reach the 10 year mark.

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsUpdate\UX\Settings]
"ActiveHoursEnd"=dword:00000011
"ActiveHoursStart"=dword:00000008
"AllowAutoWindowsUpdateDownloadOverMeteredNetwork"=dword:00000000
"ExcludeWUDriversInQualityUpdate"=dword:00000001
"FlightCommitted"=dword:00000000
"IsExpedited"=dword:00000000
"LastToastAction"=dword:00000000
"UxOption"=dword:00000004
"InsiderProgramEnabled"=dword:00000000
"SvDismissedState"=dword:00000001
"SmartActiveHoursSuggestionState"=dword:00000001
"SmartActiveHoursTimestamp"=hex(b):b9,80,63,7c,b6,73,da,01
"HideMCTLink"=dword:00000001
"RestartNotificationsAllowed2"=dword:00000000
"SmartActiveHoursStart"=dword:00000007
"SmartActiveHoursEnd"=dword:00000010
"FlightSettingsMaxPauseDays"=dword:00000e42

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsUpdate\UX\Settings\ModelState]
"SignalRegistered"="::2F1AAFCACF"

 

image.png

other.jpg

original-mc.jpg

No need to worry about stupid crap like this (below) ruining your day when you're calling all of the shots and keeping the numbskulls at Micro$lop out of your business.

3 hours ago, Papusan said:

 

Yup. And this apply also for the OS. 

A Windows Patch Tuesday update that was supposed to fix a vulnerability has caused a number of dual-boot Windows-Linus PCs to no longer boot up in Linux. Microsoft has yet to fix this problem.

  • Like 1

Wraith // Z790 Apex | 14900KS | 4090 Suprim X+Byksi Block | 48GB DDR5-8600 | Toughpower GF3 1650W | MO-RA3 360 | Hailea HC-500A || O11D XL EVO

Banshee // Z790 Apex Encore | 14900KF | 4090 Gaming OC+Alphacool Block | 48GB DDR5-8600 | RM1200x SHIFT | XT45 1080 Nova || Antec C8

Spectre // Z790i Edge | 13900KS | 3090 Ti FTW3 | 48GB DDR5-8200 | RM1000e | EK Nucleus CR360 Direct Die || Prime A21

Raptor // Z690 PG Velocita | 13900KS | 2080 Ti | 32GB DDR5-6400 | RM1200x SHIFT | EK Nucleus CR360 Dark || Praxis Wetbench

Half-Breed // Dell Precision 7720 | BGA CPU Filth+MXM Quadro P5000 | 4K Display | Sub-$500 Grade A Refurb | Nothing to Write Home About

 Mr. Fox YouTube Channel | Mr. Fox @ HWBOT

The average response time for a 911 call is 10 minutes. The response time of a .357 is 1400 feet per second. 

Link to comment
Share on other sites

  • 3 weeks later...
On 8/10/2023 at 3:31 AM, Papusan said:
The Red pill.....
AMD is not aware of any Inception exploits outside of security research circles.

 

AMD 'Inception' Vulnerability Affects Zen 3 and 4

 

Unfortunately for AMD and its users, Inception affects the latest AMD Ryzen processor families based on Zen 3 and Zen 4 cores — across data center, desktop, HEDT, and mobile. However, we must be thankful that, as details of Inception go live, mitigations are in the pipeline.

 

 

The Blue pill.....

Sky Lake through Tiger Lake/Ice Lake affected.
 

Intel 'Downfall' Bug Steals Encryption Keys, Data From Years of CPUs

 

A new security vulnerability, called Downfall, was revealed today by Intel and the researcher who discovered it, Daniel Moghimi. The new attack uses Gather Data Sampling to steal data and other sensitive information from other users on a computer with Intel processors from 2015 through 2019 ranging from sixth gen Skylake through eleventh gen Rocket Lake and Tiger Lake.

 

With a native mitigation to Inception.... Newer Zen 5 and older Zen 1/Zen+ and Zen 2 CPU is unaffected. With Zen3 you're screwed.

 

With a native mitigation to Inception, Zen 5 is unaffected by software-based security mitigations' potential performance degradation effects. Zen 3 and Zen 4 require software mitigations to patch Inception. Zen 3 can suffer a whopping 54% performance drop with the Inception software mitigations turned on (but only on specific workloads).

Hilariously, though, AMD's older Zen 1/Zen+ and Zen 2 CPU architectures are unaffected by the Inception vulnerability due to the way the branch predictor works in those architectures.

 

https://www.tomshardware.com/pc-components/cpus/zen-5-cpu-performance-is-unaffected-by-inception-mitigation

 

 

  • Thumb Up 1

"The Killer"  ASUS ROG Z790 Apex Encore | 14900KS | 4090 HOF + 20 other graphics cards | 32GB DDR5 | Be Quiet! Dark Power Pro 12 - 1500 Watt | Second PSU - Cooler Master V750 SFX Gold 750W (For total of 2250W Power) | Corsair Obsidian 1000D | Custom Cooling | Asus ROG Strix XG27AQ 27" Monitors |

 

                                               Papusan @ HWBOTTeam PremaMod @ HWBOT | Papusan @ YouTube Channel

                             

 

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue. Terms of Use