
AMD shares mitigation plans for Zen chipset security flaws

by Mark Tyson on 21 March 2018, 10:11

Tags: AMD (NYSE:AMD)


About a week ago cyber-security research firm and consultancy, CTS Labs, published various materials concerning multiple critical security vulnerabilities in AMD's 'Zen' core processor family. There followed quite some controversy over the way in which these alleged vulnerabilities were publicised, and about how practical it would be for these vulnerabilities to be exploited in the wild.

One of the CTS Labs news graphics published last week.

AMD had only 24 hours' notice of the CTS security vulnerability research, so its initial response was understandably brief - mainly promising an immediate investigation and updates to keep customers informed about findings and possible actions. Yesterday evening AMD CTO and SVP of Technology and Engineering, Mark Papermaster, delivered his measured response - covering AMD's own technical assessment of the issues and planned mitigation actions.

First of all Papermaster made it clear that the CTS Labs findings were nothing to do with the AMD 'Zen' CPU architecture or the Google Project Zero exploits made public on 3rd Jan, 2018. Instead these were seen to be issues in "the firmware managing the embedded security control processor in some of our products (AMD Secure Processor) and the chipset used in some socket AM4 and socket TR4 desktop platforms supporting AMD processors".

As I noted in the initial HEXUS report, Papermaster emphasised that the CTS Labs security issues "require administrative access to the system, a type of access that effectively grants the user unrestricted access to the system and the right to delete, create or modify any of the folders or files on the computer, as well as change any settings." If an attacker already had this level of access, said Papermaster, there would be plenty of other attacks at their disposal, too.


As you can see above, AMD seems to already have its game plan spelled out very clearly. With all of the vulnerability classes it expects that updates/fixes will have no impact on the host system performance. Most of the updates are scheduled for "the coming weeks" either through the BIOS or other means. Since AM4 isn't very old, third parties supporting the platform should be very willing to issue BIOS updates and so on.

CTS proof of concept video for Masterkey 1 exploit, from yesterday

Update: 22/03/18 14:00

HEXUS has since been contacted by a representative of CTS who has unequivocally stated that, as we mistakenly alluded to in the original piece, 'Viceroy is absolutely NOT a client of CTS and both CTS and Viceroy have publicly stated that.' We apologise for this error.



HEXUS Forums :: 72 Comments

so CTS was right after all?
lumireleon
so CTS was right after all?

Yeah, I don't think anyone doubted the validity of the claims, most of the doubt was around the level of impact that they would have compared to Spectre/Meltdown. CTS made it a super big deal, when actually it's a minor issue.
sedontane
lumireleon
so CTS was right after all?

Yeah, I don't think anyone doubted the validity of the claims, most of the doubt was around the level of impact that they would have compared to Spectre/Meltdown. CTS made it a super big deal, when actually it's a minor issue.
Yes if I understand it - If you have local admin access - you can install dodgy firmware and the like. If you've lost local admin, you're already screwed. It's not like Intel haven't had similar issues itself with the Intel Management Engine. This is nothing like Spectre/Meltdown.
lumireleon
so CTS was right after all?

About as right as stating “If someone has your car keys they can replace the radio and change the station.”
The car keys are the admin access. Changing the station is the hacker's objective. Replace the radio is the exploit they found.

Now… if someone has your car keys… are you really worried they will replace the radio in order to change the station? They can change the station already, they are inside the car, they can even drive away!!!

They were never wrong, they are just stupid.
It all appears like CTS were trying to manipulate stock prices and discredit AMD. It also appears to have not really worked…