HW News - Lots of Insecure BIOS & Drivers, Ryzen 3000 Binning Stats

By Published August 18, 2019 at 10:43 pm
HW News - Lots of Insecure BIOS & Drivers, Ryzen 3000 Binning Stats
Hardware

Hardware news this past week has only partially slowed, with an uptick in security notices responsible for most of the coverage we've found interesting. Researchers at Eclypsium have identified vulnerabilities in more than 40 drivers from 20 different vendors, something we'll talk about in today's coverage. We also talk about Ryzen 3000 binning statistics posted by Silicon Lottery, the CPU binning company.

Show notes continue after the embedded video.

 

Insecure Drivers from Every Major BIOS Vendor

Researchers at Eclypsium revealed that they’ve identified a vulnerability in more than 40 drivers, coming from at least 20 different vendors. According to Eclypsium, among the affected vendors are every major vendor, as well as hardware vendors like Nvidia, AMD, and Intel.

Eclypsium notes that the bad drivers act as a proxy to gain escalated privileges, going anywhere from Ring 3 to Ring 0 -- the latter of which would afford kernel level access, and allow attackers access to hardware and firmware interfaces. What’s worse is that the insecure drivers bear authentic certificates, signed by Microsoft.

“Our analysis found that the problem of insecure drivers is widespread, affecting more than 40 drivers from at least 20 different vendors – including every major BIOS vendor, as well as hardware vendors like ASUS, Toshiba, NVIDIA, and Huawei. However, the widespread nature of these vulnerabilities highlights a more fundamental issue – all the vulnerable drivers we discovered have been certified by Microsoft. Since the presence of a vulnerable driver on a device can provide a user (or attacker) with improperly elevated privileges, we have engaged Microsoft to support solutions to better protect against this class of vulnerabilities, such as blacklisting known bad drivers,” says Eclypsium.

Eclypsium also notes that this issue affects all modern versions of Windows, and that there is currently “no universal mechanism to keep a Windows machine from loading one of these known bad drivers.”

Source: https://eclypsium.com/2019/08/10/screwed-drivers-signed-sealed-delivered/

Assetto Corsa No Longer Confirming RTX

Back when we first did the NVIDIA RTX press event, the company spent about half of the technical editor’s day talking about really interesting topics -- like architecture, power engineering, and frequency behavior -- and spent the other half parading developers across a stage as if to say, “no, really, RTX is going to be a thing.”

One of those developers has now expressed that RTX is no longer fully confirmed as coming to the game. We actually bought Assetto Corsa Competizione at the launch of RTX cards because we thought it’d have the feature, but it didn’t, and it still doesn’t. The developers posted on their forums saying:

"Our priority is to improve, optimize, and evolve all aspects of ACC. If after our long list of priorities the level of optimization of the title, and the maturity of the technology, permits a full blown implementation of RTX, we will gladly explore the possibility, but as of now there is no reason to steal development resources and time for a very low frame rate implementation."

Source: https://steamcommunity.com/app/805550/discussions/0/1642038659011501294/

AMD: Product Page Updates, Reference Cards Not Dead

Earlier this week, AMD quietly updated its product pages for Ryzen processors to elaborate -- and perhaps clarify -- what it means by “Max Boost Clock.” According to the new product pages, “Max Boost Clock is the maximum single-core frequency at which the processor is capable of operating under nominal conditions." Some users have been a bit puzzled by Ryzen’s boost behavior, and the difference between Precision Boost Overdrive and Precision Boost 2, both of which we’ve detailed.

In other AMD news, the company swiftly put rest to a rumor that ran rampant earlier this week, claiming that reference cards for the RX 5700-series were being retired after only a month on the market. In statements to Tom’s Hardware and PCWorld, AMD addressed the present and future of reference models.

“We expect there will continue to be strong supply of Radeon RX 5700 series graphics cards in the market, with multiple designs starting to arrive from our AIB partners. As is standard practice, once the inventory of the AMD reference cards has been sold, AMD will continue to support new partner designs with Radeon RX 5700 series reference design kit,” explains AMD.

All this means is that AMD is allowing AIB cards to take over the market, which is normal. Reference models will still be available through AMD, or through select board partners that wish to offer them. Before anyone rolls their eyes about the blower style reference cards, keep in mind that water blocks are based on reference design PCBs, so reference PCBs remain important to those looking to integrate GPUs into a custom liquid loop.

Source:

https://www.techpowerup.com/258201/amd-updates-ryzen-product-pages-to-elaborate-on-max-boost-clocks

https://www.pcworld.com/article/3430794/nope-amd-didnt-kill-its-reference-radeon-5700-cards-barely-a-month-after-introducing-them.html

Ryzen 3000 Binning Statistics

Silicon Lottery recently updated its statistics page to show numbers from their Ryzen 3000 binning process. These numbers can provide some meaningful insight for those looking to play the silicon lottery, and see what percentage of chips can hit the highest frequencies and where they fall on the volt/frequency curve. As expected, Ryzen 3000 binning is a bit underwhelming, which isn’t altogether bad, depending on your perspective.

The highest, stable frequency achieved for the Ryzen 9 3900X was 4.20 GHz at 1.250V, and only the top 6% of chips were able to hit that mark. Stepping down to the Ryzen 7 models, the top 20% of Ryzen 7 3800 X models managed a 4.30 GHz overclock at 1.300V, while the top 21% of Ryzen 7 3700X chips hit 4.15 GHz at 1.262V.

Source: https://siliconlottery.com/pages/statistics

Rumor: Threadripper 3000 Shows Up in Geekbench Database

With Ryzen 3000 and the EPYC 7002-series officially outed, the next big CPU launch boasting AMD’s Zen 2 architecture is Threadripper. Recent rumors speculate that both Intel and AMD could be heading for an HEDT showdown in October, as both chipmakers are rumored to be prepping launches.

Now, a chip with the name “Sharkstooth” has surfaced on Geekbech, and the 32C/64T part is presumed to belong to the upcoming Zen 2-based Threadripper family. The chip comes with a configuration similar to the Threadripper 2990WX, but with higher clock speeds at 3.6GHz; no mention of boost speeds.

There are currently two Sharkstooth entries in the database. One with a single-core score of 5,932 and a multi-core score of 93,344. The other entry shows a single-core score of 5,677 and a multi-core score of 94,772. Either way you do the math, those scores beat the previous Threadripper 2990WX handily. As with Ryzen 3000 and EPYC 7002, it’s expected Threadripper 3000 will support PCIe 4.0, and will likely come with a new chipset.  

Source: https://www.tomshardware.com/news/amd-threadripper-3000-castle-peak-32-core-cpu,40151.html

Editorial: Eric Hamilton
Host: Steve Burke
Video: Josh Svoboda, Andrew Coleman

Last modified on August 18, 2019 at 10:43 pm
Eric Hamilton

Related items

back to top

We moderate comments on a ~24~48 hour cycle. There will be some delay after submitting a comment.

  VigLink badge