Originally posted by shmerl
View Post
This is a short-sellers dream...
between: https://twitter.com/cynicalsecurity/...91954096381952 and https://www.reddit.com/r/Amd/comment...en_epyc_chips/ is a non-issue
MASTERKEY: "Exploiting MASTERKEY requires an attacker to be able to re-flash the BIOS with a specially crafted BIOS update. " | By the time you let attacker install BIOS you are already PWND |
RYZENFALL: Exploitation requires that an attacker be able to run a program with local-machine elevated administrator privileges. Accessing the Secure Processor is done through a vendor supplied driver that is digitally signed. | By the time you let attacker have admin rights, they can do anything they want anyway! |
FALLOUT: Exploitation requires that an attacker be able to run a program with local-machine elevated administrator privileges. Accessing the Secure Processor is done through a vendor supplied driver that is digitally signed. | Same as above. |
CHIMERA: A program running with local-machine elevated administrator privileges. Access to the device is provided by a driver that is digitally signed by the vendor. | Same as above. |
Comment