{"id":1757,"date":"2025-02-04T00:08:38","date_gmt":"2025-02-04T00:08:38","guid":{"rendered":"https:\/\/cybersecurityinfocus.com\/?p=1757"},"modified":"2025-02-04T00:08:38","modified_gmt":"2025-02-04T00:08:38","slug":"amd-patches-microcode-security-holes-after-accidental-early-disclosure","status":"publish","type":"post","link":"https:\/\/cybersecurityinfocus.com\/?p=1757","title":{"rendered":"AMD patches microcode security holes after accidental early disclosure"},"content":{"rendered":"<div>\n<div class=\"grid grid--cols-10@md grid--cols-8@lg article-column\">\n<div class=\"col-12 col-10@md col-6@lg col-start-3@lg\">\n<div class=\"article-column__content\">\n<div class=\"container\"><\/div>\n<p>AMD on Monday issued two patches for <a href=\"https:\/\/www.csoonline.com\/article\/3809165\/amds-unpatched-chip-microcode-glitch-may-require-extreme-measures-by-cisos.html\">severe microcode security flaws<\/a>, defects that AMD said \u201ccould lead to the loss of Secure Encrypted Virtualization (SEV) protection.\u201d The bugs were inadvertently revealed by a partner last week. <\/p>\n<p>The most dangerous time for this kind of security hole is right after it is disclosed and before patches are applied. Due to the nature of microcode patches, enterprise users now have to wait for OEMs and other partners to implement the fixes in their hardware-specific microcode.<\/p>\n<p>\u201cThis places more burden on hardware vendor OEMs to distribute and install. That may cause a delay in adoption,\u201d said John Price, CEO at Cleveland-based security firm SubRosa. \u201cThis could potentially create a gap. The speed of adoption might not be as quick as we would like to see.\u201d<\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>AMD on Monday issued two patches for severe microcode security flaws, defects that AMD said \u201ccould lead to the loss of Secure Encrypted Virtualization (SEV) protection.\u201d The bugs were inadvertently revealed by a partner last week. The most dangerous time for this kind of security hole is right after it is disclosed and before patches [&hellip;]<\/p>\n","protected":false},"author":0,"featured_media":1758,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[],"class_list":["post-1757","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-education"],"_links":{"self":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/1757"}],"collection":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1757"}],"version-history":[{"count":0,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/1757\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/media\/1758"}],"wp:attachment":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1757"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1757"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1757"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}