Here we are - 3600 which was still under manufacture 2-3 years ago are not get patched. Shame on you AMD, if it is true.
What are you on about?
Ryzen 3xxx series processors are still being sold new today
The oldest zen processors are only just over half a decade old—a consumer CPU should be expected to be in service at least double that time.
AMD is producing them new or your local shop us? Because AMD doesnt care about your local tech shop dead stock.
They aren’t patching CPUs that were released 5 years ago.
They should be patching back to Ryzen 1 since those are still perfectly good CPUs. 5-7 years really isn’t that old considering how little improvement there is with each generation.
Sure, not much per gen, but if you compare say a 1700x vs the current 9700x, you are roughly looking at a 3x improvement in single and multicore performance increase.
Most of desktop users don’t care at all about these gains. Slap in normal ram and an SSD and a 1000 series Ryzen is ready to be a run of the mill desktop, that browses and can show media no problem.
I care! But I’m a power user. Most aren’t.
@just_another_person @TheHolm where do you get the 15 year old hardware from?
The enterprise models are getting patched but the consumer ones aren’t. Shame on them.
Consumer usage is not really concerned by the attack scenario of this vulnerability from what I understand. The prerequisite is to have access to the bios so it’s already game over at this point.
Chip makes should not only treat customer CPUs as possibly-business hardware when adding shit like (Intel) ME, Pluton and (AMD) PSP, but also when patching serious vulnerabilities and providing support!
Agreed, firmware security by chip manufacturers has been underwhelming to say the least and we can blame them for that. But in this specific instance I still don’t see the benefit of a fix for consumer usage. Companies have a responsibility and accountability toward their users, so a fix is due, for personal laptops/PCs the threat is toward the owners themselves (activists, diplomats, journalists, etc.). The latter do not buy second hand equipment, and if the firmware is compromised while they own it, they are already in danger.
When you pay for enterprise equipment, you are typically paying a premium for longer, more robust support. Consumer products are less expensive because they don’t get this support.
Attackers need to access the system kernel to exploit the Sinkclose vulnerability, so the system would have to already be compromised. The hack itself is a sophisticated vector that is usually only used by state-sponsored hackers, so most casual users should take that into account.
So it’s a vulnerability that requires you to.already have been compromised. Hardly seems like news.
I can understand AMD only patching server chips that by definition will be under greater threat. On the other hand it’s probably not worth the bad publicity not to fix more.
The reason that this is news is because it allows malware to embed itself into the processor microcode once kernel is breached. IE: If it is exploited for compromise, you either have to have the knowledge and hardware to reset the processor microcode manually (Requires an SPI flash tool) or you toss the hardware entirely. There’s no just ‘blow the drive away and reinstall the OS’ solution available.
And that introduces a specific type of supply chain threat: someone who possesses a computer can infect their own computer, sell it or transfer it to the target, and then use the embedded microcode against the target, even if the target completely reformats and reinstalls a new OS from scratch.
That’s not going to affect most people, but for certain types of high value targets they now need to make sure that the hardware they buy hasn’t already been infected in the supply chain.
This sounds weird. I was in the impression that operating systems load updated cpu microcode at every boot, because it does not survive a power cycle, and because the one embedded in the BIOS/UEFI firmware is very often outdated. But then how exactly can a virus persist itself for practically forever?
The OS can’t get to the point of loading cpu microcode without that outdated, embedded microcode. The reason it can persist is because there aren’t a lot of good ways to see what that UEFI microcode actually is once it’s installed. Plus, only the UEFI tells you that it has successfully updated itself. There is no other more authoritative system to verify that against. So the virus could just lie and say it’s gone and you would never know. Hence needing to treat it as the worst case scenario, that it never leaves.
I personally agree. I think it’s being somewhat overhyped. If step one is physical access to get things rolling… like for sure some machines are in more public areas than others. But for me, someone would have to break into my house first, then access my machine, just to run exploits later. The exploit is pretty massive, but I think needs to be tempered with “first they need physical access”. Because physically controlling machines has always been number 1 for security.
It’s important because it allows them to directly modify the CPU’s microcode. Basically, the CPU has its own set of instructions, called microcode, which controls how the chip functions on a physical level. If they manage to change your microcode, even a full system reformat won’t kill the virus; You’ll need to either re-flash the CPU (which is not something the standard user or even power user will know how to do) or replace the entire CPU.
Welp, glad I avoided that