Little-CRPG-that-could Baldur's Gate 3 has solved the Labyrinth, outwitted the Sphinx and ascended to the rank of Metacritic's highest-rated PC game of all time, knocking ZA/UM's Disco Elysium into second place. (OK, so technically they're both on 97, but I'm guessing the "score distillation" arithmetic behind-the-scenes puts Baldur's Gate 3 ahead - their positions were reversed last time I checked.) This follows a busy weekend for Larian's new game, which exceeded its own online player activity record on Sunday to the tune of around 875,000 players.
'Zenbleed' Flaw Affects AMD Zen 2 CPUs, But Patches Are Months Away
25.07.2023 - 19:43 / pcmag.com
If you own an AMD chip built with the Zen 2 architecture, be on the lookout for an important patch in the coming months. A security researcher discovered a flaw in AMD’s CPUs that can be exploited to steal passwords and encryption keys from a PC.
The finding comes from Tavis Ormandy, a security researcher at Google, who warns the vulnerability affects all Zen 2 CPUs, which span(Opens in a new window) both desktop and laptop chips largely in the Ryzen 3000 and 4000 line, in addition to Epyc "Rome" processors.
By abusing the flaw, a hacker can trigger a Zen 2 CPU to leak normally protected data, which can include sensitive details. "The attack can even be carried out remotely through JavaScript on a website, meaning that the attacker need not have physical access to the computer or server,” adds(Opens in a new window) internet backbone provider Cloudflare.
Ormandy discovered the problem while “fuzzing” the AMD processors, which essentially involves trying to get the chips to crash by bombarding them with invalid instructions. The Zenbleed vulnerability specifically affects the register file for the CPUs, which stores information to complete operations.
“This attack works by manipulating register files to force a mispredicted command,” Cloudflare says. “Since the register file is shared by all the processes running on the same physical core, this exploit can be used to eavesdrop on even the most fundamental system operations by monitoring the data being transferred between the CPU and the rest of the computer.”
In his own write-up(Opens in a new window), Ormandy adds: “The bug works like this, first of all you need to trigger something called the XMM Register Merge Optimization, followed by a register rename(Opens in a new window) and a mispredicted vzeroupper. This all has to happen within a precise window to work.”
The resulting bug can then open a way to spy on the chip’s operations, regardless if it’s occurring in a virtual machine, sandbox, or container. Leveraging the flaw isn’t easy, but Ormandy says: "It took a bit of work, but I found a variant that can leak about 30 kb per core, per second. This is fast enough to monitor encryption keys and passwords as users login!”
Ormandy notified AMD about the threat in May. However, the company still needs several months to prepare some of the patches. In AMD’s security bulletin(Opens in a new window), the chip vendor noted the fix for most desktop and laptop-based Ryzen processors won’t arrive until December. Meanwhile, the Ryzen Threadripper 3000 series should receive the patch in October.
The other problem is that the patches might cause a performance decrease, according to Ormandy. Users can expect the fixes to arrive via their motherboard
The website gametalkz.com is an aggregator of news from open sources. The source is indicated at the beginning and at the end of the announcement. You can send a complaint on the news if you find it unreliable.
Top Authors
Popular Topics
wccftech.com
12.08.2023 / 15:43
AMD Ryzen Threadripper 7000 SP6 “Storm Peak” CPUs Leak Out: 350W 7995WX, 7985WX, 7945WX
AMD is getting closer to the launch of its next-gen Ryzen Threadripper 7000 HEDT & Workstation CPU family featuring the latest Zen 4 cores.
pcgamesn.com
11.08.2023 / 12:09
The AMD Ryzen 7 7800X3D CPU is cheap again and comes with Starfield
The AMD Ryzen 7 7800X3D has received an unexpected price cut, alongside the rest of the 7000X3D series, including the 7900X3D and 7950X3D. These are the best gaming CPUs that AMD has to offer, and even come with a free copy of Starfield too.
wccftech.com
10.08.2023 / 10:23
AMD Ryzen 8000 “Strix Point” APU Sample Allegedly Spotted: 12 Core Hybrid Zen 5 Design In A 45W TDP
An alleged AMD Ryzen 8000 "Strix Point" APU sample has been unearthed by Performance Databases, featuring 12 Hybrid Zen 5 cores.
wccftech.com
09.08.2023 / 18:01
Intel Saw A 23% Client CPU Market Share Increase In Q2 2023 While AMD Fell -5.3%
The Client CPU market seems to have broken its downward trend with Intel leading the charge over AMD, reports Jon Peddie Research.
wccftech.com
09.08.2023 / 08:01
AMD Radeon RX 580 Equipped With Double The Memory, 16 GB Variant Shows Up 5 Years After Launch
The AMD Radeon RX 580 2048SP graphics card is almost 5 years old but Chinese manufacturers have started to offer the GPU with twice the memory capacities.
gamepur.com
08.08.2023 / 17:53
D&D Rules Make Baldur’s Gate 3 Expansions “Difficult”, But They Arent Ruled Out
Baldur’s Gate 3 has been a smash hit since its release, climbing the Steam charts and gaining critical and commercial acclaim, with many hailing it as one of the year’s best titles. With all the hype and excitement surrounding the game, it’s natural for players to wonder if Larian Studios intends to continue to add more content to its recent hit, including expansions.
pcgamer.com
07.08.2023 / 23:13
'We haven't started on an expansion' to Baldur's Gate 3, Larian says, but it's not completely off the table
20 years ago, expansions for PC games were as commonplace as CD drives. If a game was a hit, it probably got an expansion—that was certainly the case for Baldur's Gate and Baldur's Gate 2, which both saw their stories continue in 20-hour-plus add-on adventures. When I heard Larian's Baldur's Gate 3 imposes a level cap of 12 out of D&D's possible 20, I thought that sounded like prime expansion setup to me. But Larian founder Swen Vincke says the studio isn't working on one, and it sounds unlikely (though not impossible) that it'll happen.
pcgamesn.com
07.08.2023 / 19:53
Oops, Microsoft appears to leak unannounced AMD Ryzen CPU
It’s not uncommon for Microsoft to update which of the best gaming CPUs are compatible with Windows 11. It is, however, uncommon for the tech giant to accidentally unveil a previously unannounced AMD processor.
wccftech.com
07.08.2023 / 12:45
AMD Ryzen 7 7800X3D & 5800X3D 3D V-Cache CPUs Crush It In Sales At Mindfactory
The AMD 3D V-Cache chips including the Ryzen 7 7800X3D & 5800X3D continue to crush sales figures at German retailer, Mindfactory.
wccftech.com
05.08.2023 / 13:51
AMD Ryzen 8000 “Strix Point” APUs Feature 4 Zen 5, 8 Zen 5C CPU Cores, 16 RDNA 3.5 GPU Cores & 16 MB Cache
AMD's Ryzen 8000 "Strix Point" APUs might be a year away from launch but info regarding their hybrid Zen 5 CPU configurations has leaked out.
ign.com
03.08.2023 / 22:39
Baldur's Gate 3 Can't Save for Some Players Due to Bug, But There Are Some Solutions
A Baldur's Gate 3 bug that prevents players from saving is making the rounds on the internet, causing some to lose a fair amount of progress right off the bat.