backtop


Print 21 comment(s) - last by feraltoad.. on Aug 18 at 8:16 PM

AMD fixed the "Purple Pill" exploit revealed last week with a new Catalyst release

Last week, reports of an AMD ATI Catalyst driver vulnerability appeared around the web. The vulnerability affected the ATI Catalyst driver package and triggered by the Purple Pill tool, which was a proof-of-concept, and allowed malicious kernel tampering in Windows Vista.

The Purple Pill came from kernel developer Alex Ionescu.  Ionescu released the tool while not realizing AMD had yet to patch a flaw in its ATI Catalyst driver package. The tool allowed users to load unsigned drivers in Windows Vista. Theoretically, a malicious user could tamper with the Vista kernel using a rootkit that would piggyback to the ATI driver.

“After immediate investigation, AMD determined that a small section of code from one of the files in our installer package is potentially vulnerable,” said Jon Carvill, public relations manager, AMD Graphics Products Group. “We strongly recommend that desktop ATI Radeon graphics users update to Catalyst version 7.8 once it is available on http://ati.amd.com/support/driver.html.”

AMD is not the only company affected by the Purple Pill vulnerabilities, according to Carvill. However, the Purple Pill specifically targeted the vulnerability in the ATI Catalyst package.

A demonstration earlier this month at the Black Hat event in Las Vegas by Joanna Rutkowska revealed NVIDIA’s nTune Driver is vulnerable to the same attack. The NVIDIA driver allowed unchecked reading and writing of registers, according to Rutkowska. An NVIDIA representative was unavailable for comments. During the demonstration, Rutkowska also said any driver could be exploited, whether it was popular or not.

AMD issued a new ATI Catalyst release today to address the Purple Pill exploits. The latest ATI Catalyst also introduces the usual performance improvements and resolved issues.

AMD users can download the latest ATI Catalyst for Windows XP, XP 64-bit, Vista and Vista 64-bit.


Comments     Threshold


This article is over a month old, voting and posting comments is disabled

Catalyst download size doubled?!
By Captain Orgazmo on 8/13/2007 9:05:01 PM , Rating: 3
I just went to download the new Catalyst drivers and noticed they 71 MB to download! This is up from around 37 MB before. Anyone have any clue why?




RE: Catalyst download size doubled?!
By geeg on 8/13/2007 9:10:58 PM , Rating: 3
purple blob?


RE: Catalyst download size doubled?!
By Captain Orgazmo on 8/13/2007 9:20:20 PM , Rating: 2
To answer my own question... apparently they have gone ahead and stuck on a nice 33 MB of the Steam installer from Valve. This download is not optional. How queer.


RE: Catalyst download size doubled?!
By Heinrich on 8/13/2007 9:29:31 PM , Rating: 1
Yeah, how honkey of them to do that.


RE: Catalyst download size doubled?!
By Zurtex on 8/14/2007 7:36:52 AM , Rating: 2
http://www.answers.com/main/ntquery?s=queer&gwp=13

I'm assuming the use of the word was one of the non-offensive definitions, I certainly didn't read it that way. I just read it as equivalent to "How odd".


RE: Catalyst download size doubled?!
By omnicronx on 8/14/2007 9:48:53 AM , Rating: 1
oh ya so true, all the hardships us white folk have gone through, god forbid someone uses the word honkey.
HOW OFFENSIVE!
/sarcasm/


RE: Catalyst download size doubled?!
By Spivonious on 8/14/2007 9:52:03 AM , Rating: 2
I agree that it's not offensive to me, but it would be equivalent to someone saying "how nigger of them to do that." We all know that the "n-word" is a powerful thing these days; why not the "h-word" too?


RE: Catalyst download size doubled?!
By Flunk on 8/14/2007 10:00:47 AM , Rating: 1
Before someone says somethign stupid remember that it's not all white people who imported and enslaved Africas in the US. Only white Americans.

Some of us whiteys were not involved in this whole thing.


RE: Catalyst download size doubled?!
By Flunk on 8/14/2007 10:06:42 AM , Rating: 4
Oh, and also everyone involved on either side is dead.


RE: Catalyst download size doubled?!
By OrSin on 8/14/2007 12:50:57 PM , Rating: 1
Yeah and people was still getting lych less then 40 years agao. While cops watched and even helped. Not only are thouse people still alive alot them are mayors, and police chief. We dont have to go back to slavery to find the wrong in it all. And believe me those say people still teach thier kids "the way if should be done". All said most white people are still good people.


RE: Catalyst download size doubled?!
By TomZ on 8/14/2007 1:05:32 PM , Rating: 2
It's funny that you defend sensitivity, but then go on to contradict yourself, making the following racist remark: "All said most white people are still good people."

Maybe you should have said "all said most people are still good people" instead?


By feraltoad on 8/18/2007 8:16:19 PM , Rating: 2
There were also black slave owners in the Antebellum South. Slavery is alive today and it certainly isn't limited to any color on either end.


RE: Catalyst download size doubled?!
By TomZ on 8/13/2007 11:17:30 PM , Rating: 2
I suggest everyone write AMD an e-mail and tell them what you think of the Steam "innoculation."


RE: Catalyst download size doubled?!
By JonnyDough on 8/13/07, Rating: 0
RE: Catalyst download size doubled?!
By TomZ on 8/14/2007 11:27:58 AM , Rating: 2
I agree. The new version's installer installs Steam by default, which is also offensive. You have to select a custom install if you want to de-select that "feature." Shame on AMD!

Here's the feedback form for Catalyst if anybody else wants to give feedback on this issue.

http://support.ati.com/ics/survey/survey.asp?deptI...


RE: Catalyst download size doubled?!
By Lonyo on 8/14/2007 3:59:05 AM , Rating: 2
Only the Vista versions, apparently.
The Windows XP version is still 37MB


Mean Drivers
By JasonMick (blog) on 8/14/2007 8:35:07 AM , Rating: 2
quote:
During the demonstration, Rutkowska also said any driver could be exploited, whether it was popular or not.


Well its good to know that not just the really, really popular, really social drivers get to be exploited--that sounds rather unequitable!

Alas, driver writers these days seem to never think anyone will see/manipulate/understand their code. Also, it seems like many do not see "the big picture" enough to understand the implications of their code on the OS and other hardware in the system. I don't really blame them entirely for this, as it takes a special sort of person to have such an understanding, but still it is a bit disturbing to constantly hear that so much underlying our systems is so vulnerable to devastating malicious attack.




RE: Mean Drivers
By Gneisenau on 8/14/2007 10:07:09 AM , Rating: 2
That, or in an effort to remove bloat and increase the speed of the drivers, they try to keep the code as small as possible. It's tough call when the market looks mainly at FPS to determine the king.


RE: Mean Drivers
By TomZ on 8/14/2007 10:39:59 AM , Rating: 2
AMD must think that size is king. The download for Vista 32-bit is 71MB - for a video driver and associated crap. WTF is up with that?


RE: Mean Drivers
By leexgx on 8/14/2007 5:26:35 PM , Rating: 2
read up lots have posted about it

The new version's installer installs Steam by default, which is also offensive. You have to select a custom install if you want to de-select that "feature." Shame on AMD!

thats lame it should Ask if i want to install steam


RE: Mean Drivers
By TomZ on 8/14/2007 6:10:36 PM , Rating: 2
Are you quoting my words to me? Interesting. :o)


"I'd be pissed too, but you didn't have to go all Minority Report on his ass!" -- Jon Stewart on police raiding Gizmodo editor Jason Chen's home











botimage
Copyright 2014 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki