Posts
By Nick H. · Posted
This thread has run its course. The complaint has been noted and we'll handle things on our side. Again, for future reference, please report a post that you have an issue with and we will investigate. <Thread closed>
By hellowalkman · Posted
AMD Ryzen 9000, 8000, 7000 CPUs have a vulnerable TPM-Pluton, major firmware fix released
by Sayan Sen

Last week, the Trusted Computing Group (TCG), which is the developer of the Trusted Platform Module (TPM) security standard, alerted the press and AMD about a new TPM vulnerability on Ryzen processors. Tracked under ID "CVE-2025-2884" (AMD is tracking it as "AMD-SB-4011"), the vulnerability allows an attacker to exploit it by sending malicious commands to read data stored in the TPM via an information disclosure flaw, or potentially to impact TPM availability on systems through a denial of service attack.

This is a type of out-of-bounds read security flaw. The TCG notes that the flaw occurs in the CryptHmacSign function due to improper validation of a message digest or hash via the hash-based message authentication code (HMAC) signature scheme, leading to an out-of-bounds situation. TCG explains in its VRT0009 advisory:

The Common Vulnerability Scoring System (CVSS) score of the flaw is 6.6, indicating a medium level of severity. This is typically the case for most local-level attacks, as in order to exploit such a flaw the threat actor must have physical access to a device.

Regardless, AMD has issued firmware to patch the vulnerability on Ryzen 7000, 8000 (Zen 4) and Ryzen 9000 (Zen 5) parts. AMD has confirmed that AGESA (AMD Generic Encapsulated Software Architecture) firmware Combo PI (Platform Initialization) 1.2.0.3e mitigates the flaw. The company notes that the said firmware fixes the "ASP fTPM + Pluton TPM" issue. If you are wondering, ASP refers to AMD Secure Processor, which is "a dedicated hardware component embedded in every system-on-a-chip."

AMD's motherboard vendor partners like Asus and MSI have already begun rolling out the firmware update. MSI has a blog post about the 1.2.0.3e Combo PI, as it mentions several new upcoming features including support for new CPUs, better memory compatibility, and more. MSI writes:

Interestingly, Asus notes that this firmware update is irreversible as it is a major release. Thus one would hope that it is a very stable release, and given that this is the "e" stepping of the firmware, there are pretty good chances of that. Other vendors like Gigabyte and ASRock are yet to release their updates.
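The post above describes the bug class but not its shape, so here is an added illustration in C of the check that is missing: a digest-size validation in an HMAC signing path. This is model code written for this page, not the TCG reference implementation, AMD's fTPM/Pluton firmware, or the actual CVE-2025-2884 patch; the TPM2B_DIGEST-style struct, the MAX_DIGEST_SIZE of 64, the toy keyed MAC standing in for HMAC, and the function names are all assumptions for the demonstration. It shows why an unchecked digest turns into an information-disclosure oracle: when the signing routine takes its byte count from the named hash algorithm instead of from the size the caller supplied, a 32-byte digest signed as "SHA-384" pulls 16 bytes of whatever sits behind the input into the signature, and the signature then differs depending on data the caller never sent.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

#define MAX_DIGEST_SIZE 64   /* assumed: backing buffer large enough for SHA-512 */
#define TAG_SIZE        16

/* TPM_ALG_ID values for the two hash algorithms used in the demo. */
#define ALG_SHA256 0x000B
#define ALG_SHA384 0x000C

typedef enum { RC_SUCCESS = 0, RC_HASH = 1, RC_SIZE = 2 } Rc;

/* Model of a TPM2B_DIGEST: caller-declared size in front of a fixed backing
 * buffer. Bytes beyond `size` are whatever the buffer held before (stale data). */
typedef struct {
    uint16_t size;
    uint8_t  buffer[MAX_DIGEST_SIZE];
} Tpm2bDigest;

uint16_t digest_size_for(uint16_t hashAlg) {
    switch (hashAlg) {
    case ALG_SHA256: return 32;
    case ALG_SHA384: return 48;
    default:         return 0;   /* unsupported hash */
    }
}

/* Toy keyed MAC standing in for HMAC so the example needs no crypto library.
 * It is NOT a real MAC; it only has to depend on every input byte. */
void toy_mac(const uint8_t *key, size_t keyLen,
             const uint8_t *data, size_t dataLen, uint8_t tag[TAG_SIZE]) {
    memset(tag, 0, TAG_SIZE);
    for (size_t i = 0; i < keyLen; i++)  tag[i % TAG_SIZE] ^= key[i];
    for (size_t i = 0; i < dataLen; i++) tag[i % TAG_SIZE] ^= (uint8_t)(data[i] + i);
}

/* Vulnerable shape: the number of bytes MACed comes from hashAlg, not from the
 * size the caller supplied, so a short digest makes the routine consume bytes
 * past the end of the real input. */
Rc hmac_sign_unchecked(uint16_t hashAlg, const uint8_t *key, size_t keyLen,
                       const Tpm2bDigest *hashData, uint8_t tag[TAG_SIZE]) {
    uint16_t n = digest_size_for(hashAlg);
    memset(tag, 0, TAG_SIZE);
    if (n == 0) return RC_HASH;
    toy_mac(key, keyLen, hashData->buffer, n, tag);   /* n bytes read, size ignored */
    return RC_SUCCESS;
}

/* Hardened shape: reject the command unless the supplied digest is exactly the
 * digest length of the named hash algorithm and fits the backing buffer. */
Rc hmac_sign_checked(uint16_t hashAlg, const uint8_t *key, size_t keyLen,
                     const Tpm2bDigest *hashData, uint8_t tag[TAG_SIZE]) {
    uint16_t n = digest_size_for(hashAlg);
    memset(tag, 0, TAG_SIZE);
    if (n == 0) return RC_HASH;
    if (hashData->size != n || hashData->size > MAX_DIGEST_SIZE) return RC_SIZE;
    toy_mac(key, keyLen, hashData->buffer, hashData->size, tag);
    return RC_SUCCESS;
}

/* Constructed input: a 32-byte digest (bytes 0..31) inside a buffer whose
 * remaining bytes are filled with `stale`, imitating leftover data. */
void make_digest(Tpm2bDigest *d, uint8_t stale) {
    memset(d->buffer, stale, sizeof d->buffer);
    d->size = 32;
    for (uint16_t i = 0; i < d->size; i++) d->buffer[i] = (uint8_t)i;
}

typedef Rc (*SignFn)(uint16_t, const uint8_t *, size_t, const Tpm2bDigest *, uint8_t *);

static const uint8_t demo_key[8] = { 'k','e','y','-','d','e','m','o' };   /* constructed */

/* Status returned when the constructed 32-byte digest is signed under hashAlg. */
Rc sign_32byte_digest(SignFn sign, uint16_t hashAlg) {
    Tpm2bDigest d;
    uint8_t tag[TAG_SIZE];
    make_digest(&d, 0x00);
    return sign(hashAlg, demo_key, sizeof demo_key, &d, tag);
}

/* Oracle check: sign the same 32-byte digest twice with different stale bytes
 * behind it. Returns 1 if the tag changed, i.e. the signature leaks information
 * about bytes the caller never supplied. */
int tag_depends_on_stale_bytes(SignFn sign, uint16_t hashAlg) {
    Tpm2bDigest a, b;
    uint8_t ta[TAG_SIZE], tb[TAG_SIZE];
    make_digest(&a, 0x00);
    make_digest(&b, 0xEE);
    sign(hashAlg, demo_key, sizeof demo_key, &a, ta);
    sign(hashAlg, demo_key, sizeof demo_key, &b, tb);
    return memcmp(ta, tb, TAG_SIZE) != 0;
}

int main(void) {
    printf("unchecked, SHA-384 over 32-byte digest: leaks=%d\n",
           tag_depends_on_stale_bytes(hmac_sign_unchecked, ALG_SHA384));
    printf("checked,   SHA-384 over 32-byte digest: leaks=%d\n",
           tag_depends_on_stale_bytes(hmac_sign_checked, ALG_SHA384));
    return 0;
}
```

The unchecked path accepts the mismatched command and its output changes with the stale bytes; the checked path returns RC_SIZE before touching them. In a real TPM the bytes behind a short digest are adjacent firmware memory rather than a padded struct, which is what makes the same pattern an out-of-bounds read. On a deployed system the thing to verify is the firmware, not this code: AMD ties the fix to AGESA Combo PI 1.2.0.3e, and on Linux `tpm2_getcap properties-fixed` (tpm2-tools) prints the TPM's reported firmware version fields, though mapping that version to the patched release is vendor-specific.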
By +sphbecker · Posted
Really?? Having a sense of humor is a sign of intelligence... what does that say about someone who totally misses the joke and can only respond by parroting a political talking point they heard others make?
By +sphbecker · Posted
Great article. These are all honest and well-made points. It amazes me how increasingly dishonest the anti-11 crowd is getting these days. It's refreshing to see an honest take.
By Taliseian · Posted
I run a very small Discord server that handles news and discussion on a few games - less than 25 members so far, but growing. I would NEVER allow anyone to block or ignore me or any of the other admins. If I or an admin gets blocked, we are unable to perform the duties that I asked them to on the server - one of which is to moderate chat and ensure things stay (mostly) family friendly. Since it's my server, I am the Final Boss on the server, and if someone doesn't like it, I will gladly show them the door.