Categories: SecurityWorkspace

Start-Up Warns Of AMD Chip Flaws In Unusual Publicity Campaign

A Tel Aviv-based start-up has publicised flaws in AMD processors that researchers say are genuine, even as they criticised the way in which they were disclosed.

While the vulnerabilities all require administrator access before they can be exploited, making them significantly more difficult for intruders to use, they are dangerous in that they allow complete access to the system, including secure processing areas normally off-limits to malware.

That access means attackers who have already successfully compromised a system could potentially place malicious code in such a way as to make it difficult or impossible to detect or remove.

The exploits discovered by CTS Labs, founded in January 2017, are called Ryzenfall, Fallout, Chimera and Masterkey, and affect AMD’s Epyc, Ryzen, Ryzen Pro, and Ryzen Mobile processors. They allow malware to run before the operating system boots and to bypass advanced security features such as Windows 10 Credential Guard.

Secure enclave

In an embarrassment for AMD, they allow an attacker to compromise its Platform Secure Processor, a secure enclave similar to that used in iPhones to store biometric data. AMD’s enclave is based on an ARM 32-bit Cortex A5 processor design.

Third-party researchers said the flaws are genuine, with New York-based Trail of Bits saying it had verified CTS’ findings under an arrangement for which Reuters reports CTS paid $16,000 (£11,500).

“Regardless of the hype around the release, the bugs are real, accurately described in their technical report (which is not public AFAIK), and their exploit code works,” said Trail of Bits chief executive Dan Guido on Twitter.

But much of the attention following Tuesday’s disclosure by CTS focused on the company’s publicity methods, with some saying CTS appeared to be trying to manipulate AMD’s share price.

Switzerland-based security consultant Arrigo Triulzi, for one, described CTS’ paper as “over-hyped beyond belief”.

Surprise disclosure

CTS gave AMD only 24 hours to review the findings before publishing them, and AMD said the report took it by surprise.

“At AMD, security is a top priority and we are continually working to ensure the safety of our users as new risks arise,” the company said in a statement. “We are investigating this report, which we just received, to understand the methodology and merit of the findings.”

In a statement on its website, AMD added, “This company was previously unknown to AMD and we find it unusual for a security firm to publish its research to the press without providing a reasonable amount of time for the company to investigate and address its findings.”

In its 20-page report, titled “Severe Security Advisory on AMD Processors”, CTS notes that it “may have, either directly or indirectly, an economic interest in the performance” of AMD’s stock and that of other companies.

The report also contains a disclaimer that the contents are statements of opinion and “not statements of fact”. Such statements are highly unusual for security advisories.

Investment firm Viceroy Research published a 25-page report on the issues after the company said it was anonymously emailed a copy of CTS’ findings on Monday afternoon. The company confirmed it has taken a large “short” position on AMD, in other words betting the company’s shares will fall.

Financial analysts confirmed there was a spike in short selling on AMD shares, and in fact those shares initially fell on Tuesday in heavy trading, before closing slightly higher.

Do you know all about security? Try our quiz!

Matthew Broersma

Matt Broersma is a long standing tech freelance, who has worked for Ziff-Davis, ZDnet and other leading publications

Recent Posts

SoftBank Promises To Invest $100bn In US

Japanese tech investment firm SoftBank promises to invest $100bn during Trump's second term to create…

8 hours ago

Synopsys, SiMa.ai To Collaborate On AI Car Chips

Synopsys to work with start-up SiMa.ai on joint offering to help accelerate development of AI…

9 hours ago

AI Start-Up Basis Raises $34m For Accountancy Agent

Start-up Basis raises $34m in Series A funding round for AI-powered accountancy agent to make…

9 hours ago

Databricks Raises $10bn In Huge AI Funding Round

Data analytics and AI start-up Databricks completes huge $10bn round from major venture capitalists as…

10 hours ago

Congo Files Complaints Against Apple Over Conflict Minerals

Congo files legal complaints against Apple in France, Belgium alleging company 'complicit' in laundering conflict…

10 hours ago