- Joined
- May 6, 2019
- Messages
- 12,595
- Points
- 113
Image: AMD
If you haven’t updated your Radeon drivers in a while (or rolled back to an older version), now would be a good time to do so. Cisco Talos has uncovered multiple vulnerabilities affecting AMD graphics cards.
The vulnerabilities allow an attacker to “cause a denial-of-service condition or gain the ability to remotely execute code” through VMware Workstation 15’s guest mode. What makes this possible is an out-of-bounds read vulnerability in driver file ATIDXX64.DLL, which malicious actors can trigger by sending a “specially crafted shader file.”
There are four vulnerabilities in total:
AMD ATI Radeon ATIDXX64.DLL shader functionality constant buffer denial-of-service vulnerability (TALOS-2019-0913/CVE-2019-5124)AMD ATI Radeon ATIDXX64.DLL MOVC shader functionality...
Continue reading...