Security News

ASUS announced the introduction of a comprehensive server portfolio based on the latest AMD EPYC 7003 series processors. The new ASUS RS720A, RS700A, RS520A and RS500A-E11 series servers offer refreshed designs based on both dual-socket and single-socket AMD EPYC 7003 series processors.

This new portfolio of HPE ProLiant servers and HPE Apollo systems uses the 3rd Gen AMD EPYC processor to provide foundational compute platforms that deliver unmatched performance, security, automation, and remote management capabilities to support a range of critical workloads that are essential to digital transformation. "HPE is addressing these dynamic market needs every step of the way with high-performing solutions that can scale, secure and efficiently run workloads to speed time-to-value," said Neil MacDonald, senior vice president and general manager, Compute Business Group at HPE. "Through our longtime collaboration and joint engineering with AMD, we are delivering the biggest and broadest portfolio of computing solutions, using the new 3rd Gen AMD EPYC processor, to transform infrastructure and provide the economics, agility and ease of management that is critical to tomorrow's data center needs."

Chipmaker AMD on Monday announced the launch of its new EPYC 7003 series server processors - codenamed Milan - and the company has shared some information about new and improved security features. The new CPUs are based on the Zen 3 architecture and AMD says they bring significantly improved performance for enterprise, cloud and HPC workloads.

Microsoft is integrating its Pluton security processor directly into Intel, AMD, and Qualcomm CPUs to better secure Windows PCs. Windows 10 gains enhanced security by utilizing specialized chips called Trusted Platform Modules to provide hardware-based security functions. Microsoft is now partnering with Intel, AMD, and Qualcomm to introduce the Pluton security processor as an on-die chip in their CPUs.

Sharing its findings with The Hacker News, a group of academics from the Graz University of Technology and CISPA Helmholtz Center for Information Security finally revealed the exact reason behind why the kernel addresses are cached in the first place, as well as presented several new attacks that exploit the previously unidentified underlying issue, allowing attackers to sniff out sensitive data. The new research explains microarchitectural attacks were actually caused by speculative dereferencing of user-space registers in the kernel, which not just impacts the most recent Intel CPUs with the latest hardware mitigations, but also several modern processors from ARM, IBM, and AMD - previously believed to be unaffected.

Google on Tuesday unveiled the first product in its Google Cloud Confidential Computing portfolio: Confidential VMs. Currently in beta for Google Compute Engine, Confidential VMs are designed to help organizations, particularly ones in regulated industries, protect sensitive data by providing memory encryption capabilities that can be leveraged to isolate cloud workloads. Confidential VMs leverage the Secure Encrypted Virtualization feature in 2nd Gen AMD EPYC processors to ensure that sensitive data remains encrypted at all times, including while it's used, queried or indexed.

An attacker with physical or privileged access to certain AMD powered systems could exploit the flaws to execute arbitrary code or take control of the firmware. AMD, which dubs the flaws "SMM Callout Privilege Escalation" bugs, released a fix for one of the three, CVE-2020-14032, on June 8.

AMD last week said it was preparing patches for a vulnerability affecting the System Management Mode of the Unified Extensible Firmware Interface shipped with systems that use certain notebook and embedded processors. Discovered by security researcher Danny Odler in AMD's Mini PC and tracked as CVE-2020-12890, the vulnerability is one of the three issues reported in April, allowing an attacker to manipulate secure firmware and execute arbitrary code while avoiding detection.

In three posts marked urgent to the Linux kernel mailing list on Tuesday, Anthony Steinhauser points out problems with countermeasures put in place to block Spectre vulnerabilities in modern Intel and AMD x86 microprocessors that perform speculative execution. The Spectre family of flaws involve making a target system speculate - perform an operation it may not need - in order to expose confidential data so an attacker can obtain it through an unprotected side channel.

Modern Intel and AMD processors are susceptible to a new form of side-channel attack that makes flush-based cache attacks resilient to system noise, newly published research shared with The Hacker News has revealed. It also works seamlessly against non-Linux Operating Systems, like macOS. "Like any other cache attacks, flush based cache attacks rely on the calibration of cache latency," Biswabandan Panda, assistant professor at IIT Kanpur, told The Hacker News.