Threat Alert Notifications
Thank you for visiting InteliSecure’s Threat Alert page. Below, listed by date of original publishing, you will find information on identified vulnerabilities that impact data protection. Full reports are broken down by: Summary, Key Findings, Mitigation, and Further Reading.
You may sign up to receive alerts and updates on threats here.
Vulnerability Name(s): Ryzen and EPYC
Original Post Date: March 15, 2018
Last Updated: March 15, 2018
Summary: CTS Labs announced 13 critical findings on March 15, 2018 that could leave select AMD processors compromised through potentially severe vulnerabilities and 24 hours for the manufacturer to respond prior to publishing their findings. Impacted Systems include: AMD’s EPYC server, Ryzen workstation, Ryzen Pro and Ryzen mobile chip sets. Currently 21 of AMD’s chip sets have been successfully exploited.
Vulnerability Name(s): Spectre and Meltdown
Original Post Date: Jan 4, 2018
Last Updated: Jan 4, 2018
Summary: Windows, Linux and MacOS have all received critical security updates that affect how virtual memory is handled due to architectural design flaws that proof of concept code has demonstrated as the tale of dual threats, called Spectre and Meltdown. Both threats break the glass ceiling and the isolation between applications by reading privileged memory and taking advantage of data cache timing vulnerabilities and have the potential of virtual memory reads across boundaries in unknown contexts.