AMD ‘investigating’ critical vulnerabilities in its latest Ryzen and EPYC CPUs

 techradar.com  3/14/2018 2:00:30 AM   Harry Domanski

Israeli security firm CTS Labs has today released a white paper to the press, which it claims detail a number of vulnerabilities affecting current AMD CPUs.

The 13 vulnerabilities listed in the white paper allegedly affect all Ryzen and Ryzen Pro products currently on the market, as well as EPYC server CPUs made by AMD, but do require root-level (administrator) operating-system access in order to exploit.

As is the case with many security exploits, these could theoretically allow hackers access to personal credentials and provide an opportunity to spread malware, but the white paper also warns of the potential for “long-term industrial espionage”.

The report from CTS Labs is intentionally light on the exploits’ details; a measure intended to stop anyone from using the alleged exploits while AMD is given the time to investigate them. Despite this, Gizmodo reports that CTS only gave AMD 24 hours notice before making the white paper public.

In the company’s official statement on the issue, AMD claimed it was “unusual for a security firm to publish research to the press without providing a reasonable amount of time for the company to investigate and address its findings”.

Naturally, AMD is “actively investigating and analyzing” the report’s findings, and we’ll keep this article updated with further details as they come to light.

« Go back