The security of their products, chip giants AMD and Intel have released patches for over 100 vulnerabilities as part of the February 2024 Patch Tuesday. AMD disclosed vulnerabilities in embedded processors, SEV firmware, and FPGA series devices, addressing high-severity flaws that could lead to privilege escalation, code execution, or denial-of-service (DoS) attacks. Notably, AMD’s UltraScale and UltraScale+ FPGA series devices were susceptible to an RSA authentication issue, dubbed JustSTART, potentially enabling attackers to load arbitrary bitstreams without triggering authentication errors.
Meanwhile, Intel published advisories detailing 80 vulnerabilities across various drivers, device firmware, and software products. High-severity bugs were identified in Thunderbolt DCH drivers, Arm DS for Intel SoC FPGA, PROSet/Wireless, Killer Wi-Fi, PCM, DSA, and SUR software products. These vulnerabilities ranged from privilege escalation to DoS, with impacted software versions identified for each issue.
Both companies emphasized the critical nature of these patches, urging users to apply them promptly to mitigate potential risks. While the patches address known vulnerabilities, the collaboration underscores the ongoing commitment of AMD and Intel to enhancing the security posture of their products amidst evolving cyber threats.