Welcome Stranger to OCC!Login | Register

AMD Releases Initial Assessment of Security Flaws Found by CTS Labs

Category: General News
Posted: 02:10PM

Last week a number of security flaws in AMD products were reported by CTS Labs, a security research company. The company only provided AMD with the information on these issues the day before publicly announcing them, but already AMD has news to report on these issues from its initial technical assessment.

While many of the issues were described as relating to the Zen architecture, AMD states the issues are actually only associated with the firmware for the embedded security control processor (AMD Secure Processor) in some of its products, and the chipset used in some AM4 and TR4 platforms. AMD also makes a point that all of the issues require administrative access to the system, at which point the user has unrestricted access to the system and can use a far greater range of attacks than just those described by CTS Labs. Additionally, modern operating systems and enterprise-quality hypervisors have security controls to prevent unauthorized administrative access.

While CTS Labs had listed them as 13 issues, AMD has grouped them into three categories for a table to describe the impact of these issues and the planned mitigation. For all of these, AMD states patches to the AMD Secure Processor firmware or Promontory chipset should mitigate the issues, with no performance impact expected. AMD is working on the firmware updates to release in the coming weeks and is working with the third-party designer and manufacturer for the Promontory chipset to create mitigations there. All of these patches would be deployed through BIOS updates.

Source: AMD

Register as a member to subscribe comments.

© 2001-2018 Overclockers Club ® Privacy Policy
Elapsed: 0.1653058529   (xlweb1)