AMD said it plans to release firmware updates to fix a trifecta of bugs that impact some of its notebook and embedded systems CPUs.
The three bugs, which AMD refers to as "SMM Callout," allow attackers to take control over the UEFI firmware of AMD CPUS, and inherently of the entire computer.
AMD said the bugs impact a small fraction of Accelerated Processing Unit (APU) CPUs released between 2016 and 2019. AMD APU processors, formerly known as AMD Fusion, are small-sized 64-bit microprocessors that include both a central processing unit (CPU) and graphics processing unit (GPU) on the same silicon die.
News of the three bugs came to light last weekend, on Saturday, June 13, when a security researcher named Danny Odler published a Medium blog post detailing one of the three SMM Callout bugs (the one that was already patched). [....]
Two other bugs remain unpatched, but in a security advisory published this week, AMD said it plans to have AGESA patches ready by the end of the month.