this post was submitted on 10 Aug 2024
27 points (82.9% liked)

PC Gaming

8210 readers
415 users here now

For PC gaming news and discussion. PCGamingWiki

Rules:

  1. Be Respectful.
  2. No Spam or Porn.
  3. No Advertising.
  4. No Memes.
  5. No Tech Support.
  6. No questions about buying/building computers.
  7. No game suggestions, friend requests, surveys, or begging.
  8. No Let's Plays, streams, highlight reels/montages, random videos or shorts.
  9. No off-topic posts/comments.
  10. Use the original source, no clickbait titles, no duplicates. (Submissions should be from the original source if possible, unless from paywalled or non-english sources. If the title is clickbait or lacks context you may lightly edit the title.)

founded 1 year ago
MODERATORS
[email protected]
[email protected]
[email protected]
27
‘Sinkclose’ Flaw in Hundreds of Millions of AMD Chips Allows Deep, Virtually Unfixable Infections (www.wired.com)
submitted 1 month ago by [email protected] to c/[email protected]
11 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 3 points 1 month ago

I really dislike the idea of "needs ring 0 = nothingburger".

There's plenty if ways to gain ring 0 access like a user to approving a UAC prompt... Or for an attacker to utilize any number of existing ring 0 escalation vulnerabilities on an unpatched system, or for a UAC bypass to be utilized, or for the attacker to establish a RAT on the system using a tech support scam or similar.

Difficult? Yes!

Only viable via a supply chain attack as some like to suggest? Absolutely not.