Security flaws found in AMD chips
WASHINGTON — Security researchers said Tuesday they discovered flaws in chips made by Advanced Micro Devices (AMD) that could allow hackers to take over computers and networks.
Israeli-based security firm CTS Labs published its research showing “multiple critical security vulnerabilities and exploitable manufacturer backdoors” in AMD chips.
CTS itemized 13 flaws, saying they “have the potential to put organizations at significantly increased risk of cyberattacks.”
The report comes weeks after Intel disclosed similar hardwarebased flaws dubbed Meltdown and Spectre, sparking widespread computer security concerns and a congressional inquiry.
The researchers said the AMD Secure Processor, the gatekeeper responsible for the security of AMD processors, contains “critical vulnerabilities” that “could allow malicious actors to permanently install malicious code inside the Secure Processor itself.”
AMD said it was studying the latest report.
Analysts at the security firm enSilo said the flaws could be worse than those affecting Intel chips.
“The impact of these vulnerabilities is more severe than Meltdown/ Spectre as it allows an attacker to execute highly privileged code and persist on the victim machine,” enSilo said in a blog post.
Additionally, some of the flaws may be nearly impossible to patch. “We estimate that without patches from AMD, protection against the vulnerabilities can be limited at best,” enSilo researchers said. “The best protection is to block malware that attempts to leverage these vulnerabilities.” —