PCR Tech and IT retail, distribution and vendor news
Hot off the heels of the Spectre and Meltdown scandals, AMD has been rocked by a new set of vulnerabilities affecting its CPUs.
On Wednesday, Israeli security firm CTS Labs published a a white paper claiming to detail a range of flaws in AMD’s current CPUs.
As reported by Tech Radar, The white paper lists 13 vulnerabilities that allegedly affect all products in the Ryzen, Ryzen Pro and EPYC server CPU ranges.
What the vulnerabilities give access to is pretty damning. Like with a lot of exploits, the as of yet unnamed flaw could allow access to personal credentials and malware-spreading potential. The white paper goes one further however, claiming that the vulnerabilities could "expose AMD customers to industrial espionage that is virtually undetectable by most security solutions".
It might sound particularly bad, but the potential positive is that the flaws require root-level operating-system access to be exploited. In other words, a hacker would need to be granted full access to your system.
Unlike the Spectre and Meltdown leaks which provided something of an ‘Anarchist Cookbook’ for hackers, the CTS Labs report is intentionally light on details, giving AMD time to investigate. Gizmodo however has reported that the chipmaker was only given 24 hours notice.
AMD has responded in kind, saying that it is “unusual for a security firm to publish research to the press without providing a reasonable amount of time for the company to investigate and address its findings”, but confirmed that it is looking into and actively analysing the flaws.
