Earlier today a number of security vulnerabilities were revealed in various AMD CPUs and the Promontory chipset, though not technically disclosed, by CTS, a cyber-security company, at the AMDFlaws.com website. Some of these involve compromising the Secure Processor built into some processors, allowing malicious code to exist at a level invisible to the operating system. There are a total of 13 vulnerabilities, according to CTS, falling under four groups it has named Masterkey, Ryzenfall, Fallout, and Chimera. According to the whitepaper, there are no known mitigations for any of these attacks but, well, there are some questions about the validity of these vulnerabilities and how their disclosure today has been handled.
Typically when a security vulnerability is found, it is reported to the effected company 90 days before it is published, and sometimes this period is extended. AMD however was only notified of these claims yesterday, so AMD has had little time to investigate the issues or identify any mitigations. Also, while these issues may compromise the security of a Zen-based computer, to even attack the vulnerabilities is not going to be trivial. In the case of Masterkey, a specially crafted BIOS would need to be flashed to exploit a vulnerability in the Secure Processor and place malware code within the ARM Cortex A5 processor that is inside the Secure Processor. Ryzenfall, Fallout, and Chimera all require local-machine elevated administrator privileges to run a program and a digitally signed driver to access the Secure Processor. Chimera specifically goes after the Promontory chipset, which was created by ASMedia and not AMD directly, and CTS is pointing out security issues ASMedia has had as the basis for this vulnerability. The only footnote about these vulnerabilities is the FTC penalizing ASUSTek, of which ASMedia is a subsidiary, because of vulnerabilities in routers.
Only time will tell how serious any of these issues might be, especially as AMD begins its investigation into the vulnerabilities, along with other security researchers.
Back to original news post