AMD Has a Problem – And So May You
Here is the short version.
AMD partner Asus disclosed a microcode bug before AMD has a patch developed. They posted a beta BIOS update that has since been removed.
Remember that the BIOS gets loaded before the operating system, so any OS security tools are likely useless in blocking this.
The good news is that you have to be a local admin in order to exploit this vulnerability, but for many systems, that is the default, so that is not much of a hill to climb.
AMD says that you should only work with trusted suppliers when installing new code and plans to issue a security bulletin soon. Whatever that means.
The attack is likely beyond the skill of most script kiddies – at least for this week.
The bad news is that there are a lot of attackers that do have the skill and if they compromise you they will be able to change the microcode of your computer.
If they are able to do that your anti-malware software will not detect it – that is beyond the scope of what that type of software can do. Likely, it will go undetected forever unless the attacker goes nuclear on your system.
IF you are concerned about security, unfortunately, you really only have one option and that is to completely isolate those AMD-based computers until a patch is released.
This is really a risk management issue. John Price, CEO at security firm SubRosa suggested doing strict hardware segmentation of vulnerable systems. Certainly identifying those systems which are vulnerable is step one. Step two is to make sure that you do not do any updates of any kind on those systems until this is fully fixed. Step 3 is reviewing your risk tolerance and deciding what to do next.
It also means restricting privileges.
As I said above, it does require a skilled – at least for now – to execute this attack, but don’t expect that to last very long.
If you have AMD based computers, stay alert and watch for a fix from AMD. That could happen in a few days or maybe a week or two.
Credit: CSO Online
by 