Researchers discover 13 major security flaws specific to AMD's Zen CPUs

Rodiano Bonacci
Marzo 13, 2018

The vulnerabilities purportedly lie in what is supposed to be a secure part of the processors where sensitive information is contained.

"The vulnerabilities allow malicious actors to install persistent malware inside the Secure Processor, running in kernel-mode with the highest possible permissions", the researchers wrote. It remains to be seen what the fallout might be like for these newly discovered flaws. These vulnerabilities could allow malicious code to be injected into the chipsets.

Advanced Micro Devices is investigating a report that some of its processors have security vulnerabilities, the United States chipmaker said on Tuesday. "We are investigating this report, which we just received, to understand the methodology and merit of the findings", an AMD spokesman said. "This company was previously unknown to AMD and we find it unusual for a security firm to publish its research to the press without providing a reasonable amount of time for the company to investigate and address its findings".

The researchers gave AMD less than a day to respond to the potential flaws instead of the standard 90-day notice.

AMD will update the blog here with any further information.

The flaws were discovered by CTS-Labs, a security outfit in Israel. However, they also admitted they don't know if these AMD flaws are being exploited in the wild and "firmware vulnerabilities such as Masterkey, Ryzenfall and Fallout take several months to fix, [and] hardware vulnerabilities such as Chimera can not be fixed and require a workaround".

Altre relazioniGrafFiotech

Discuti questo articolo

Segui i nostri GIORNALE