AMD says patches on the way for flawed chips

March 21, 2018
AMD expressed confidence that chip vulnerabilities made public last week by Israeli-based security firm CTS Labs could be fixed with firmware patches and updated software that would not slow computers down

Advanced Micro Devices on Tuesday said patches are on the way for recently revealed flaws in some of its chips that could allow hackers to take over computers.

AMD expressed confidence that chip vulnerabilities made public last week by Israeli-based firm CTS Labs could be fixed with firmware patches and updated software that would not slow computers down.

The manufacturer downplayed the threat of hackers taking advantage of the flaws, saying it would require administrator-level access to computers.

"Any attacker gaining unauthorized administrative access would have a wide range of attacks at their disposal well beyond the exploits identified in this research," AMD said in its first update on the situation since the flaws were made public.

CTS Labs published its research showing "multiple critical security vulnerabilities and exploitable manufacturer backdoors" in AMD chips.

The security firm itemized 13 flaws, saying they "have the potential to put organizations at significantly increased risk of cyberattacks."

The report came weeks after Intel disclosed similar hardware-based flaws dubbed Meltdown and Spectre, sparking widespread security concerns and a congressional inquiry.

In a 20-page white paper, CTS researchers said the AMD Secure Processor, the gatekeeper responsible for the security of AMD processors, contains "critical vulnerabilities" that "could allow malicious actors to permanently install malicious code inside the Secure Processor itself."

"The vulnerabilities we have discovered allow bad actors who infiltrated the network to persist in it, surviving computer reboots and reinstallations of the operating system," the report said.

"This allows attackers to engage in persistent, virtually undetectable espionage, buried deep in the system."

California-based AMD is one of the largest semiconductor firms specializing in processors for PCs and servers.

"AMD has rapidly completed its assessment and is in the process of developing and staging the deployment of mitigations," the chipmaker said.

"We believe that each of the issues cited can be mitigated through firmware patches and a standard BIOS update, which we plan to release in the coming weeks."

Explore further: Researchers find 'critical' security flaws in AMD chips

Related Stories

Finnish firm detects new Intel security flaw

January 12, 2018

A new security flaw has been found in Intel hardware which could enable hackers to access corporate laptops remotely, Finnish cybersecurity specialist F-Secure said on Friday.

Recommended for you

Uber filed paperwork for IPO: report

December 8, 2018

Ride-share company Uber quietly filed paperwork this week for its initial public offering, the Wall Street Journal reported late Friday.

0 comments

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.