Researchers find 'critical' security flaws in AMD chips

Wednesday, 14 Mar, 2018

Ryzenfall allows malware to completely hijack the Secure Processor, giving access to secure data that would normally be out of the reach of attackers.

By exploiting these vulnerabilities, hackers can run malware that users cannot detect and can extract important information, such as personal data and passwords, because these AMD CPU vulnerabilities allow hackers to obtain administrator access to the affected computers' operating systems.

The flaws were uncovered by Israeli security firm CTS-Labs, which noted that the vulnerabilities affect the Secure Processor, a co-processor found on AMD's CPUs where sensitive data such as encryption keys and passwords are stored. Ryzen chips power desktop and laptop computers, while EPYC processors are found in servers. Attackers who gain elevated admin privileges can exploit these flaws to execute arbitrary code on the Secure Processor and to gain access to protected memory regions. Full details on each vulnerability can be found in CTS' 20-page whitepaper. CTS-Labs blamed the vulnerabilities on ASMedia, a third-party chipmaker that supplied the USB host controller and SATA controller within AMD's Ryzen chipset, saying the flaws were then introduced into the Ryzen chipsets.

This means that AMD-powered PCs are vulnerable to these hacks from now until the company can fix them. CTS also says a bad actor could infect chips with malware, steal credentials on high-security enterprise networks and cause physical damage to hardware, all while remaining virtually undetectable by most security solutions.

"In our opinion, the basic nature of some of these vulnerabilities amounts to complete disregard of fundamental security principles".

But much of the attention following Tuesday's disclosure by CTS focused on the company's publicity methods, with some saying CTS appeared to be trying to manipulate AMD's share price. We are actively investigating and analyzing its findings.

AMD confirmed it's been made aware of the potential vulnerabilities.

"At AMD, security is a top priority and we are continually working to ensure the safety of our users as new risks arise", AMD's statement said.

Nevertheless, CTS-Labs researchers don't want the flaws to be brushed off lightly.

An AMD spokesperson told CNET it is investigating the report, which they "just received".

In the company's official statement on the issue, AMD claimed it was "unusual for a security firm to publish research to the press without providing a reasonable amount of time for the company to investigate and address its findings". "We will update this blog as news develops", the company said.

It's unclear how long it would take to fix these issues.

Others, however, say the impact of the newly disclosed vulnerabilities and backdoors is likely to be greater than that of Spectre and Meltdown because they allow an attacker to execute highly privileged code and persist on the victim machine.