Snynet Solution Logo
MON - SUN: 10 AM - 6 PM
+60 11 5624 8319

Blog

AMD EPYC CPUs are suffering from a bunch of nasty security bugs

Image Description

AMD has issued three security bulletins announcing fixes for a whopping 50 vulnerabilities, with 22 of them affecting all three generations of its flagship EPYC server processors.

Furthermore, of the 50 addressed vulnerabilities, almost half (23) are marked as High Severity on the Common Vulnerability Scoring System (CVSS).

Of the 22 EPYC flaws, all of which exist on the latest third generation processor, 17 on the second generation, and 12 on the oldest first generation chip, four are rated as High severity.

“During security reviews in collaboration with Google, Microsoft, and Oracle, potential vulnerabilities in the AMD Platform Security Processor (PSP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV) and other platform components were discovered and have been mitigated in AMD EPYC AGESA PI packages,” notes AMD in its security bulletin.

All’s well that ends well

AMD has announced that it has released AGESA versions for all three generations of processors to address the listed vulnerabilities.

AGESA or AMD's Generic Encapsulated System Architecture is released to motherboard vendors for building their firmware and pushing updates.

In addition to the hardware bugs, AMD has also announced fixes for 27 vulnerabilities in the AMD Graphics Driver for Windows 10, with 18 of them marked as High.

According to AMD, the vulnerabilities can be exploited to facilitate escalation of privilege, unauthorized code execution, memory corruption, information disclosure, and denial of service attacks.

In addition to these AMD's μProf performance analysis utility also gets a fix for a lone High-rated improper access control vulnerability. 

Hunting for a new device? These are the best workstations around today

Date

12 Nov 2021

Sources


Share


Other Blog

  • MacBook Air and Pro 13 South Africa: Prices, availability

    The Apple MacBook Air and Pro 13 are landmark laptops for the company as they are the first to move away from the Intel chips to Apple's own M1 chipset

    Read More
  • Google IO 2022 dates, registration, and what to expect from Google's online show

    Google announced its IO 2022 keynote conference for May 11, concluding on May 12, which will mainly be an online event.

    While we don't have confirmation yet of what's appearing, it's likely that we'll see Android 13 appear as a preview, similar to last year's Android 12 launch at Google IO 2021.

    Like last year, much of Google IO 2022 will be held online, but you can register to attend, according to its FAQ.

    After Google canceled its 2020 event due to the pandemic, Google IO 2021 was online only. But with this year's event seemingly hosting an online and offline audience, we may see more demos this year of what Google's been working on.

    We suspect Sundar Pichai will kick off the main keynote on May 10, which we expect will be free to stream as before.

    See more

    We won't know officially until the May 11 keynote what Google intends to show off, but we can already extrapolate based on the rumors and leaks coming from Google's camp. Below, we'll predict Google's hardware and software lineup for Google IO 2022, as well as explain how the virtual event will work.

    LATEST NEWS

    Google IO 2022 is announced as a mostly-online event, but you can register to attend.

    Cut to the chase

    • What is it? Google's yearly developer conference
    • When is it? May 11-May 12, 2022
    • How can I register / how much does it cost? On the Google event page for free; all you need is a Google account

    Google IO 2022 Registration

    (Image credit: Google)

    What are the Google IO 2022 dates?

    Google revealed that its developer conference would take place from Wednesday, May 11 through Thursday, May 12. Google regularly schedules its annual three-day conference for mid-May, making these dates on-brand for the company.

    The traditional keynote hasn't been confirmed as yet, but we expect it to be held on the first day of IO 2022, May 11.

    Google IO 2022 Logo

    (Image credit: Google)

    Is Google IO online-only?

    Google canceled the May 2020 event in early March 2020, right at the advent of the pandemic when everyone had begun to shelter in place and live events felt increasingly unsafe.

    Google normally holds the Google IO keynote and subsequent developer sessions in physical gatherings at the Shoreline Amphitheater in Mountain View, California, where COVID-19 restrictions on large events are slowly being lifted across the country. 

    But with Google IO 2021 repeating the same plan as 2020, many had assumed that IO 2022 would follow. This has turned out to be partly true, as you can register to attend, but the company has said that invites will be hard to attain.

    How Google IO 2022 will work

    Most casual Google users associate Google IO with the keynote address, which streams online where anyone can watch it. But in previous years you could also buy a pass to attend Google developer sessions, new product demos, labs to learn about new code, and other events for professionals or hobbyists. 

    This year, most of those events look to be virtual and free, with Google announcing more details as the event gets closer.

    Some Google IO 2022 events will be free to all and rewatchable on-demand, as in previous years. But there will be other events that will require you to reserve a slot due to its popularity.

    Google IO stage

    (Image credit: Future)

    What to expect at Google IO 2022

    Based on Google's annual product and software calendar, plus all the leaks and rumors we've heard about, we have a general idea of what Sundar Pichai and the Google execs will discuss during the Google IO 2022 keynote. Here are the highlights:

    Android Logo

    (Image credit: Google)

    Android 13

    The latest Android OS is already in the developer beta stage on Pixel 6 phones and lower, but we're certain that Google will spend time outlining Android 13's undisclosed tricks on stage. 

    With Apple almost certainly introducing iOS 16 at WWDC in June, Google will want to jump ahead of that and show off its newest innovations first. It could even announce the launch of the Android 13 public beta, though that isn't confirmed.

    While the preview shows few hints towards Android 13, it does look as though privacy will be another focus for Google in this release, alongside more refined theme options.

    With Android 12L focusing on tablets more than ever, there's a chance that we may see an Android 13L that's primarily tailored for tablets and foldable devices.

    The back of a Google Pixel 6 Pro in yellow

    (Image credit: Google)

    Less likely: Pixel 7 and Pixel Tablet

    Google is actively developing the Pixel 7 and a Pixel foldable phone, alongside a rumored Pixel Tablet, potentially for a simultaneous October 2022 release. That's far enough out that Google may not want to show off their specs or hardware until it's closer to Fall.

    But Google IO has primarily been software-focused, with the only hardware being shown in previous years, being a Chromecast or Google Home products.

    However, with IO 2022 allowing some attendees, there's always a chance that hands-on demos is something that the company will want to take advantage of.

    wearOS Google

    (Image credit: Google)

    New Fitbit hardware or Wear OS updates

    Ever since Google bought Fitbit despite antitrust concerns, we've been curious how Google will put its personal spin on the best Fitbits of the future. 

    Since Google IO 2021, we've seen a bigger focus from the company on how Wear OS 'fits' in its product line, but we've yet to see another Google-branded smartwatch return.

    This may be the year that we see a section dedicated to Fitbit, Wear OS, and more. Google is aware that the Apple Watch rules over all others in the category, and 2022 may be the year that we see some more major improvements.

    Read More
  • POS consolidation continues as Lightspeed buys ShopKeep

    POS solution provider Lightspeed has purchased rival ShopKeep in a deal worth approximately $440 million.

    Read More
  • iPad mini 6 case mold leak points to a major design overhaul

    All the rumors are pointing to a new look for the iPad mini this year, including the most recent one.

    Read More

Find Out More About Us

Want to hire best people for your project? Look no further you came to the right place!

Contact Us