It appears you have not yet registered with our community. To register please click here...

 
Go Back [M] > Madshrimps > WebNews
AMD Ryzen and EPYC have big security flaws AMD Ryzen and EPYC have big security flaws
FAQ Members List Calendar Search Today's Posts Mark Forums Read


AMD Ryzen and EPYC have big security flaws
Reply
 
Thread Tools
Old 16th March 2018, 14:32   #1
[M] Reviewer
 
Stefan Mileschin's Avatar
 
Join Date: May 2010
Location: Romania
Posts: 148,055
Stefan Mileschin Freshly Registered
Default AMD Ryzen and EPYC have big security flaws

Only given a week to fix it

Insecurity experts have discovered critical security flaws in AMD chips that could allow attackers to access sensitive data from highly guarded processors across millions of devices.

The alleged vulnerabilities are in the secure part of the processors - typically where your device stores sensitive data like passwords and encryption keys. While most of them require administrative access to the machine through malware, putting additional malware on the secure processor is itself a huge potential for damage.

CTS-Labs, a security company based in Israel, announced Tuesday that its researchers had found 13 critical security vulnerabilities that would let attackers access data stored on AMD's Ryzen and EPYC processors, as well as install malware on them. Ryzen chips power desktop and laptop computers, while EPYC processors are found in servers. However, the outfit gave AMD a week to come up with a fix before it went public. Standard vulnerability disclosure calls for at least 90 days notice, so companies have time to address flaws adequately. Google's researchers gave Intel six months to fix issues related to Spectre and Meltdown.

An AMD spokesman said that it was still investigating this report, which we just received, to understand the methodology and merit of the findings."

CTS-Labs co-founder and Chief Financial Officer Yaron Luk-Zilberman told CNET that all the vulnerabilities allow an attacker to target the secure segment of a processor, which is crucial to protecting the sensitive information on your device.

https://fudzilla.com/news/45809-amd-...security-flaws
Stefan Mileschin is offline   Reply With Quote
Reply


Similar Threads
Thread Thread Starter Forum Replies Last Post
Security Researchers Publish Ryzen Flaws, Gave AMD 24 hours Prior Notice Stefan Mileschin WebNews 0 16th March 2018 14:26
AMD expands Epyc and Ryzen lines Stefan Mileschin WebNews 0 26th February 2018 19:08
uTorrent has serious security flaws Stefan Mileschin WebNews 0 26th February 2018 19:08
Ryzen Pro platform brings a dash of Epyc to corporate desktops Stefan Mileschin WebNews 0 30th June 2017 11:55
Google fixes two serious Android security flaws Stefan Mileschin WebNews 0 13th September 2016 08:18
NSA discloses most security flaws, but that's not the whole story Stefan Mileschin WebNews 0 9th November 2015 19:21
Spy agencies are exploiting flaws in security software Stefan Mileschin WebNews 0 23rd June 2015 07:57
The US Navy wants to buy unpatched security flaws Stefan Mileschin WebNews 0 15th June 2015 08:30
Apple Patches 144 Security Flaws Across Seven Products Stefan Mileschin WebNews 0 20th October 2014 10:46
Two serious security flaws hit Microsoft Windows Sidney WebNews 0 9th November 2005 05:54

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


All times are GMT +1. The time now is 01:35.


Powered by vBulletin® - Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO