In the wake of the alarm caused by the Meltdown and Spectre cases, the news of thirteen vulnerabilities affecting AMD’s chip architecture has triggered a new wave of uncertainty about the security risks to which millions of devices were exposed. It took a week before AMD acknowledged that the vulnerabilities revealed in a CTS-Labs report were true. After evaluating all the information documented by this company, AMD finally confirmed the existence of these vulnerabilities, assuring however that the risk was minimal.
What’s the story with AMD chips?
There are two aspects to the security flaws revealed by CTS-Labs. The first affects the AMD Secure Processor in Ryzen and EPYC chips. This is precisely the component responsible for processor security, where devices store passwords and encryption keys. On the other hand, other vulnerabilities, grouped under the name ‘Chimera’, affect the chipset that usually accompanies Ryzen systems.
What all 13 vulnerabilities have in common is that they enable a backdoor to be exploited in order to inject malicious code and launch a range of attacks. In this way, an attacker could take control of a system to steal network user credentials and move through corporate networks. It also means that someone could read and write in secure memory areas, bypass BIOS protection, or attack the operating system of a device. In short, these vulnerabilities in AMD’s products could have serious consequences for all types of organizations, as they could leave them vulnerable to attackers who could use these backdoors to gain access to sensitive information.
This latest news comes just weeks after AMD was embroiled in the case of Meltdown and Specter, although the main company affected was Intel. Even though the source of the vulnerabilities is not the same, as with Meltdown and Specter, these flaws could allow cybercriminals to access critical information on system memory and launch a range of attacks.
How to resolve the problem
After acknowledging the existence of these vulnerabilities, AMD has now presented a plan to address them. In the coming weeks, they are set to publish firmware updates that will be installed through BIOS updates. Moreover, the company has announced that, unlike what happened with the solutions for Meltdown and Specter, these updates will not impact on the performance of the affected systems, nor on the servers or the computers based on those CPUs.
At the same time, AMD has played down the issue, explaining that the risk was minimal, as to exploit these vulnerabilities, an attacker would first need to have administrator access to the system. As Mark Papermaster, AMD’s CTO, points out, attackers with this kind of access would have numerous attack mechanisms at their disposal to delete, create or modify any file on the system, without the need to exploit these vulnerabilities.
This attack confirms two things. On the one hand, the need for advanced cybersecurity systems that can detect any anomalous behavior that could potentially enable the theft of administrator login credentials on corporate systems. And, on the other hand, they are a reminder of the importance of regularly updating corporate systems to mitigate the risk of attacks that jeopardize critical data.