Researchers claim AMD flaws threaten Ryzen, EPYC chips

10788 ryzen power campaign imagery

10788 ryzen power campaign imagery

If what they're saying is accurate, it would mean that millions of AMD-powered PCs on the market today are vulnerable to having malicious code run on the secure boot section of the processor. According to the report, AMD Ryzen Workstation, Ryzen Pro, Ryzen Mobile, and EPYC Server chipsets are vulnerable. Researchers typically give firms several months to prepare a fix before announcing the vulnerability publicly.

Masterkey would require an attacker to re-flash the target system's BIOS with a malicious update and would be possible to exploit remotely. It remains to be seen what the fallout might be like for these newly discovered flaws.

It is unclear how hard it would be for a malicious actor to obtain such a digitally signed driver.

Hot on the heels of Spectre and Meltdown, researchers say they have discovered more than a dozen (or exactly a baker's dozen) new critical security flaws affecting AMD's Ryzen and Epyc processor lines, CNET reports.

Advanced Micro Devices is investigating a report that some of its processors have security vulnerabilities, the USA chipmaker said on Tuesday. On the vulnerability disclosure page, the CTS Labs researchers asserted users shouldn't be at risk because "all technical details that could be used to reproduce the vulnerabilities have been redacted". As presented, the 13 flaws fall into four categories called Master Key, Ryzenfall, Fallout, and Chimera.

Domain info for CTS Labs said the URL was just registered in June 2017 and Kevin Beaumont, a security researcher based in the United Kingdom, said there should be verification of CTS Labs before accepting the report as valid.

Notícias recomendadas

We are pleased to provide this opportunity to share information, experiences and observations about what's in the news.
Some of the comments may be reprinted elsewhere in the site or in the newspaper.
Thank you for taking the time to offer your thoughts.