What should vendors do when they discover that a hardware 0-day has been used to exploit systems built on their product? Some vulnerabilities may permit vendors to patch the vulnerability using microcode updates. For instance, a mitigation for the row hammer DRAM attack was to reduce the frequency of DRAM refreshes (to be clear, this appears … Continue reading HARDWARE 0-DAYS: PUBLISH, SELL OR HOARD? (PART IV)