fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

AMD Fixes Dozens of Windows 10 Graphics Driver Security Bugs

AMD Fixes Dozens of Windows 10 Graphics Driver Security Bugs

AMD has fixed a long list of security vulnerabilities found in its graphics driver for Windows 10 devices, allowing attackers to execute arbitrary code and elevate privileges on vulnerable systems.

The potential impact and the flaws’ severity vary, with AMD tagging more than a dozen bugs as high severity.

Also Read: Top 5 Impact of Data Loss on Business

“In a comprehensive analysis of the AMD Escape calls, a potential set of weaknesses in several APIs was discovered, which could result in escalation of privilege, denial of service, information disclosure, KASLR bypass, or arbitrary write to kernel memory,” AMD explained.

The security flaws were discovered by both independent security researchers Ori Nimron and driverThru_BoB 9th, as well as Eran Shimony of CyberArk Labs and Lucas Bouillot, of the Apple Media Products RedTeam.

The complete list of patched bugs includes:

  • Ori Nimron (@orinimron123) : CVE-2020-12892, CVE-2020-12893, CVE-2020-12894, CVE-2020-12895, CVE-2020-12897, CVE-2020-12898, CVE-2020-12899, CVE-2020-12900, CVE-2020-12901, CVE-2020-12902, CVE-2020-12903, CVE-2020-12904, CVE-2020-12905, CVE-2020-12963, CVE-2020-12964, CVE-2020-12980, CVE-2020-12981, CVE-2020-12982, CVE-2020-12983, CVE-2020-12986, CVE-2020-12987
  • Eran Shimony of CyberArk Labs: CVE-2020-12892
  • Lucas Bouillot, of the Apple Media Products RedTeam: CVE-2020-12929
  • driverThru_BoB 9th: CVE-2020-12960

A full list of vulnerabilities found in the AMD Graphics Driver for Windows 10 and their description is available in the security advisory published this week.

An AMD spokesperson was not immediately available to provide additional details when contacted by BleepingComputer today

AMD EPYC server processor bug fixes

This week, AMD also patched medium and high severity security flaws impacting the company’s 1st/2nd/3rd Gen AMD EPYC server processors that could lead to arbitrary code execution, bypassing SPI ROM protections, loss of integrity, denial of service, information disclosure, and more.

Also Read: 6 Ways to Protect Your Business From Employee Data Theft

“During security reviews in collaboration with Google, Microsoft, and Oracle, potential vulnerabilities in the AMD Platform Security Processor (PSP), AMD System Management Unit (SMU), AMD Secure Encrypted Virtualization (SEV) and other platform components were discovered and have been mitigated in AMD EPYC AGESA PI packages,” AMD said.

The company also addressed an improper access control vulnerability (CVE-2021-26334) found by Michal Poslušný from ESET Research in the AMDPowerProfiler.sys driver of the AMD μProf tool.

AMD μProf is a performance analysis utility that can be used to inspect Windows, Linux, and FreeBSD applications.

Successful exploitation of this flaw would allow attackers without enough privileges to gain access to kernel model-specific registers, which leads to privilege escalation and ring-0 code execution that gives the attacker full control over the vulnerable system.

Windows 11 performance issues addressed in October

In early October, right after Windows 11 began rolling out, AMD has also warned of significant performance hits on Windows 11-compatible AMD processors, including the latest Ryzen CPUs, when using some applications.

One of the compatibility issues led to increased measured and functional L3 cache latency which had a direct impact on the access time to the memory subsystem for some apps.

While for some of the affected apps the expected performance impact was between 3 to 5%, for eSports games AMD said that customers could see a performance decrease of 10-15% on Windows 11.

The AMD CPU issues were addressed two weeks later with the optional KB5006746 cumulative update preview for Windows 11 released on October 21.

“Addresses an L3 caching issue that might affect performance in some applications on devices that have AMD Ryzen processors after upgrading to Windows 11 (original release),” Microsoft explained in the release notes.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us