Guest_Jim_* Posted March 20, 2018 Posted March 20, 2018 Last week a number of security flaws in AMD products were reported by CTS Labs, a security research company. The company only provided AMD with the information on these issues the day before publicly announcing them, but already AMD has news to report on these issues from its initial technical assessment. While many of the issues were described as relating to the Zen architecture, AMD states the issues are actually only associated with the firmware for the embedded security control processor (AMD Secure Processor) in some of its products, and the chipset used in some AM4 and TR4 platforms. AMD also makes a point that all of the issues require administrative access to the system, at which point the user has unrestricted access to the system and can use a far greater range of attacks than just those described by CTS Labs. Additionally, modern operating systems and enterprise-quality hypervisors have security controls to prevent unauthorized administrative access. While CTS Labs had listed them as 13 issues, AMD has grouped them into three categories for a table to describe the impact of these issues and the planned mitigation. For all of these, AMD states patches to the AMD Secure Processor firmware or Promontory chipset should mitigate the issues, with no performance impact expected. AMD is working on the firmware updates to release in the coming weeks and is working with the third-party designer and manufacturer for the Promontory chipset to create mitigations there. All of these patches would be deployed through BIOS updates. Source: AMD Back to original news post Share this post Link to post Share on other sites More sharing options...
Recommended Posts