In the wake of the alarm caused by the Meltdown and Spectre cases, the news of thirteen vulnerabilities affecting AMD’s chip architecture has triggered a new wave of uncertainty about the security risks to which millions of devices were exposed. It took a week before AMD acknowledged that the vulnerabilities revealed in a CTS-Labs report were true. After evaluating all the information documented by this company, AMD finally confirmed the existence of these vulnerabilities, assuring however that the risk was minimal.
What’s the story with AMD chips?
There are two aspects to the security flaws revealed by CTS-Labs. The first affects the AMD Secure Processor in Ryzen and EPYC chips. This is precisely the component responsible for processor security, where devices store passwords and encryption keys. On the other hand, other vulnerabilities, grouped under the name ‘Chimera’, affect the chipset that usually accompanies Ryzen systems.
What all 13 vulnerabilities have in common is that they enable a backdoor to be exploited in order to inject malicious code and launch a range of attacks. In this way, an attacker could take control of a system to steal network user credentials and move through corporate networks. It also means that someone could read and write in secure memory areas, bypass BIOS protection, or attack the operating system of a device. In short, these vulnerabilities in AMD’s products could have serious consequences for all types of organizations, as they could leave them vulnerable to attackers who could use these backdoors to gain access to sensitive information.
This latest news comes just weeks after AMD was embroiled in the case of Meltdown and Specter, although the main company affected was Intel. Even though the source of the vulnerabilities is not the same, as with Meltdown and Specter, these flaws could allow cybercriminals to access critical information on system memory and launch a range of attacks.
How to resolve the problem
After acknowledging the existence of these vulnerabilities, AMD has now presented a plan to address them. In the coming weeks, they are set to publish firmware updates that will be installed through BIOS updates. Moreover, the company has announced that, unlike what happened with the solutions for Meltdown and Specter, these updates will not impact on the performance of the affected systems, nor on the servers or the computers based on those CPUs.
At the same time, AMD has played down the issue, explaining that the risk was minimal, as to exploit these vulnerabilities, an attacker would first need to have administrator access to the system. As Mark Papermaster, AMD’s CTO, points out, attackers with this kind of access would have numerous attack mechanisms at their disposal to delete, create or modify any file on the system, without the need to exploit these vulnerabilities.
This attack confirms two things. On the one hand, the need for advanced cybersecurity systems that can detect any anomalous behavior that could potentially enable the theft of administrator login credentials on corporate systems. And, on the other hand, they are a reminder of the importance of regularly updating corporate systems to mitigate the risk of attacks that jeopardize critical data.
Panda Security specializes in the development of endpoint security products and is part of the WatchGuard portfolio of IT security solutions. Initially focused on the development of antivirus software, the company has since expanded its line of business to advanced cyber-security services with technology for preventing cyber-crime.
10 comments
No, this attack is like handing the keys to the castle to an attacker, and then you letting them in to do what they want. Attacking a BIOS by that point is on the super low end of a totem pole. If you had those keys you’d likely go for the crown instead of say the doorman. In other words with the amount of power you have to have in order to pull off the “attack” it wouldn’t make sense to go after the AMD “flaw” which by the way would be any other chip’s flaw that uses the ASMedia chip which can include Intel. This is not a major problem and only seems to try to cause AMD financial problems with no real threat problems
Get to know very useful information, thanks for sharing.
Thanks a lot for your feedback, Jarry!
We will keep up the content creation to keep our users informed.
Kind regards,
Panda Security.
It is my first time I visit here. I found so many entertaining stuff in your blog, especially its discussion. From the tons of comments on your articles, I guess I am not the only one having all the leisure here! Keep up the excellent work.
From its conception in 1969, AMD focused on producing microprocessors and similar computer components. Initially, it merely licensed processor designs from other companies like Fairchild Semiconductor. Although it started producing other PC components developed entirely in-house early on as well, AMD wouldn’t produce a processor it designed itself for several years.
AMD on Tuesday acknowledged several vulnerabilities that had been previously reported in its Ryzen and EPYC chips, and said that it would roll out firmware patches for those flaws in the coming weeks.
The response comes a week after Israel-based CTS-Labs said that it has discovered 13 critical vulnerabilities and exploitable backdoors that impact AMD’s EPYC server, Ryzen workstation, Ryzen Pro and Ryzen mobile lineups.
AMD’s Senior Vice President and Chief Technology Officer, Mark Papermaster, said in a statement that the chip company plans to issue firmware patches for these vulnerabilities through an upcoming BIOS update.
“At AMD, security and the protection of users’ data is of the utmost importance. We believe that each of the issues cited can be mitigated through firmware patches and a standard BIOS update, which we plan to release in the coming weeks. These patches and updates are not expected to impact performance,” according to the statement.
some useful information, learned something new, thanks for sharing.
Useful information. Good
Nice Article