cybersecurity

4088 readers

148 users here now

An umbrella community for all things cybersecurity / infosec. News, research, questions, are all welcome!

Community Rules

Be kind
Limit promotional activities
Non-cybersecurity posts should be redirected to other communities within infosec.pub.

Enjoy!

founded 2 years ago

MODERATORS

[email protected]

AMD confirms security vulnerability in every Zen 1 to Zen 5 processor (www.tweaktown.com)

submitted 4 weeks ago by [email protected] to c/[email protected]

10 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] [email protected] 3 points 4 weeks ago (1 children)

weakness in signature verification algorithm that could allow an administrator privileged attacker to load arbitrary microcode patches

I don't think this will affect performance unless you depend on having to quickly update the CPU microcode multiple times a second.

[–] [email protected] 2 points 4 weeks ago

I apologize for being glib.

Agreed, shouldn't affect performance. But also depends on how they see best to patch the vulnerability. The microcode patch mechanism is the currently understood vector, but might not be the only way to exploit the actual underlying vulnerability.

I remember the early days of Spectre when the mitigation was "disable branch prediction", then later they patched a more targeted, performant solution in.