AMD on Monday issued two patches for severe microcode security flaws, defects that AMD said “could lead to the loss of Secure Encrypted Virtualization (SEV) protection.” The bugs were inadvertently revealed by a partner last week. The most dangerous time for this kind of security hole is right after it is disclosed and before patches are applied. Due to the nature of microcode patches, enterprise users now have to wait for OEMs and other partners to implement the fixes in their hardware-specific microcode.”This places more burden on hardware vendor OEMs to distribute and install. That may cause a delay in adoption,” said John Price, CEO at Cleveland-based security firm SubRosa. “This could potentially create a gap. The speed of adoption might not be as quick as we would like to see.”
First seen on networkworld.com
Jump to article: www.networkworld.com/article/3815850/amd-patches-microcode-security-holes-after-accidental-early-disclosure.html
