WYP
News Guru
The vulnerabilities are real, but this isn't a doomsday scenario for AMD.
Read more about AMD's response to CTS Labs' research.
Read more about AMD's response to CTS Labs' research.
AMD responds to CTS Labs Vulnerabilities - Impact Assessment
- Thread starter WYP
- Start date
AlienALX
Well-known member
The fact that you need to actually be on the victim PC just makes me LOL. I mean seriously? it takes me back to the days of going into PC world, getting to DOS and typing Format c: /q /s /u. Then standing back and LOLing whilst it formats the drive unconditionally.
Seriously? you want to do damage to a PC? get a USB kill. You may as well, if you have access to it. GN posted a video today and it appears it was a deliberate attempt to manipulate the stock market.
Seriously? you want to do damage to a PC? get a USB kill. You may as well, if you have access to it. GN posted a video today and it appears it was a deliberate attempt to manipulate the stock market.
NeverBackDown
AMD Enthusiast
Need administration access?
If they ever get that far you have far more crap to be worried about than worrying about them installing malware
If they ever get that far you have far more crap to be worried about than worrying about them installing malware
Kleptobot
Member
There is a difference between administrative access and physical access
Personally I rotfled when I saw these. With unrestricted admin rights and ability to flash systems bios you can do anything at all.
In fact, LETS ALL CREATE A NEW RESEARCH GROUP then " discover " that if you bios flash the intel mobos bios to a version before its anti-meltdown update then use administrative rights to rollback the system update, why not, you have the rights OMG OMG THIS CREATES MELTDOWN 2.0 OMG OMG. Intel must be bad then, don't buy intel, its stock must be "0.0$".
But lets be serious, with admin rights you can upload a custom service that will run any command as nt authority / system account. With that you can copy move delete and edit any file, partition or memory space and with a modified yet somehow still signed driver theres nothing you cant do. You can run 50 amps through a chipset, zero-out drive firmware, create new invisible partitions, put undetectable apache server on them and run some hacked edition of pornhub from victims computer. On ANY CPU, motherboard or even system(as Linux root will allow mostly the same thing).
I suspect they didn't "find" or "Research anything". Someone at CTF got these sneaky details illegaly of engineers then publish it for monetary gains.
In fact, LETS ALL CREATE A NEW RESEARCH GROUP then " discover " that if you bios flash the intel mobos bios to a version before its anti-meltdown update then use administrative rights to rollback the system update, why not, you have the rights OMG OMG THIS CREATES MELTDOWN 2.0 OMG OMG. Intel must be bad then, don't buy intel, its stock must be "0.0$".
But lets be serious, with admin rights you can upload a custom service that will run any command as nt authority / system account. With that you can copy move delete and edit any file, partition or memory space and with a modified yet somehow still signed driver theres nothing you cant do. You can run 50 amps through a chipset, zero-out drive firmware, create new invisible partitions, put undetectable apache server on them and run some hacked edition of pornhub from victims computer. On ANY CPU, motherboard or even system(as Linux root will allow mostly the same thing).
I suspect they didn't "find" or "Research anything". Someone at CTF got these sneaky details illegaly of engineers then publish it for monetary gains.
Similar threads
