MacMusic  |  PcMusic  |  440 Software  |  440 Forums  |  440TV  |  Zicos
amd
Search

After Intel ME, Researchers Find Security Bug In AMD's SPS Secret Chip-on-Chip

Sunday January 7, 2018. 09:34 PM , from Slashdot
An anonymous reader writes: AMD has fixed, but not yet released BIOS/UEFI/firmware updates for the general public for a security flaw affecting the AMD Secure Processor. This component, formerly known as AMD PSP (Platform Security Processor), is a chip-on-chip security system, similar to Intel's much-hated Management Engine (ME). Just like Intel ME, the AMD Secure Processor is an integrated coprocessor that sits next to the real AMD64 x86 CPU cores and runs a separate operating system tasked with handling various security-related operations. The security bug is a buffer overflow that allows code execution inside the AMD SPS TPM, the component that stores critical system data such as passwords, certificates, and encryption keys, in a secure environment and outside of the more easily accessible AMD cores. Intel fixed a similar flaw last year in the Intel ME.

Read more of this story at Slashdot.
rss.slashdot.org/~r/Slashdot/slashdot/~3/zU2RmC8m_8o/after-intel-me-researchers-find-security-bug-in...
News copyright owned by their original publishers | Copyright © 2004 - 2018 Zicos / 440Network
Current Date
Oct, Tue 23 - 05:57 CEST