|
|
|
|
|
|
by hoistbypetard
3022 days ago
|
|
|
Regarding your first question, why would that matter if the code that is signed by AMD is out in the wild already and can be executed in a manner that makes the exploit work? That is how I read the situation, anyway; I don't think these people who didn't contact AMD in advance are getting new code signed by AMD to run their exploit. If they have some means of getting AMD to sign anything they want, that's bigger news than any of the vulnerabilities they are currently talking about. My read was that they're exploiting a flaw in some readily available, already signed-by-AMD code to load something new and behave badly. If that's the case, I don't see why the answer to (question 1) would be meaningful. If that's not the case, do you have a link to the explanation that claims getting new code signed by AMD is necessary? |
|
|