tglogo.png

AMD allegedly has its own Spectre-like security flaws

In Category Amd News Posted by err0r On 10/20/18 Comments 0

Researchers say they've discovered critical security flaws in AMD chips that could allow attackers to access sensitive data from highly guarded processors across millions of devices.

Particularly worrisome is the fact that the alleged vulnerabilities lie in what's designed to be the secure part of the processors -- typically where your device stores sensitive data like passwords and encryption keys. It's also where your processor makes sure nothing malicious is running when you start your computer.

The majority of these reported vulnerabilities would require administrative access to work, meaning an attacker would first need to have control of your machine through some type of malware. But even with the need for administrative access, putting the malware on the secure processor itself creates a higher potential for damage than a normal attack would. 

CTS-Labs, a security company based in Israel, announced Tuesday that its researchers had found 13 critical security vulnerabilities that would let attackers access data stored on AMD's Ryzen and EPYC processors, as well as install malware on them. Ryzen chips power desktop and laptop computers, while EPYC processors are found in servers.

"At AMD, security is a top priority and we are continually working to ensure the safety of our users as new risks arise," an AMD spokesman said. "We are investigating this report, which we just received, to understand the methodology and merit of the findings."

 


Read full article @ https://www.cnet.com/news/amd-has-a-spectre-meltdown-like-security-flaw-of-its-own/

 

View Forum Post & Comments