Now it is AMD who falls among the vulnerabilities at the silicon level, since a whopping thirteen vulnerabilities have been detected that affect all AMD Ryzen processors and possibly also the RX Vega.
Specter and Meltdown have mainly affected Intel processors, but AMD and ARM have not been spared from being affected by these problems. AMD appeared to be quite spared and affected, almost by chance, but a total of 13 new and unknown vulnerabilities have been discovered in all processors that are based on the Zen architecture, thus all AMD Ryzen models are affected. , from those for home use to professionals, something that is not exactly good.
The 13 detected vulnerabilities fall into four classes and affect Ryzen, Ryzen Pro, Ryzen Threadripper, EPYC and of course, Ryzen APUs. Specifically, these four groups have been called Ryzenfall, Masterkey, Fallout and Chimera and have been discovered and cataloged by security researchers at CTS-Labs, an Israeli company. This information is completely public and there is still no statement from AMD on this, but it comes at a bad time, because the Ryzen have just completed a year of constantly bothering Intel.
These vulnerabilities allow the malware to withstand reboots and even the installation of the operating system from scratch, as well as being completely undetectable by most security software. It seems that some of these vulnerabilities do not take into account even the most basic principles in terms of security, something that raises many doubts about the company's security controls, auditing and quality controls.
Like Specter and Meltdown, these vulnerabilities are at the silicon level, so they cannot be fixed, they can only be mitigated. This problem affects the current Ryzen and it will surely affect the Ryzen 2, which will hit the market next month (very possibly), since it is impossible for AMD to have the possibility of solving them at least for Ryzen based on 12nm.
The Vega architecture is not saved either, which is a huge failure and problem for the company. The problem is that Vega also makes use of the Secure Processor and could be vulnerable just like the processors based on the Zen architecture. Basically the attacker could infect the GPU, and then use the DMA to access the entire system through the vulnerabilities detected .
Source: Guru3D
Even if you keep making notes against AMD ...
The difference with Intel's Meltdown and Spectre is that they knew about it years ago! This came out only recently and with a "new" company that was never known before and that didn't even respect the protocols that are always in place to give notice and give time before making it public. In fact, Intel continues to release new processors with these errors as if nothing happened.
This is what AMD replied.
«We have just received a report from a company called CTS Labs claiming there are potential security vulnerabilities related to certain of our processors. We are actively investigating and analyzing its findings. This company was previously unknown to AMD and we found it unusual for a security firm to publish its research to the press without providing a reasonable amount of time for the company to investigate and address its findings. At AMD, security is a top priority and we are continually working to ensure the safety of our users as potential new risks arise. "We will update this blog as news develops."
«Even if you keep writing articles against AMD» Now it will be Roberto's fault for AMD's vulnerabilities, please…
As much as "years" in the case of Intel, I don't think so, and it was wrong, but then AMD comes along saying that theirs are perfectly fine, the company's capitalization increases because of this and later it is shown that it was a lie, well... let's see the double standards.
Does AMD no longer sell processors? And do you think that the ones they have in stock are not going to be put up for sale?
The last thing, the appointment, that if it has an added value to the news.
As far as I know nothing has yet been proven, the company that released that security release is not yet verified to be all true.
But yes, on this page they always criticize AMD with too much force.
Specter also affects AMD, it is proven and also that they denied it at first.
These new vulnerabilities, it will be necessary to see if there are other companies that corroborate it, because AMD's statements are not very reliable.
As other websites are dedicated to reporting and the criticism is overwhelming but above all true, the Vega cards were a "huge failure", they have an exaggerated consumption and a lower performance than expected. Even Raja left AMD, there must be a reason for that.
And that they have a chip dedicated to security in their processors, exclusively to security and just for this it has a lot and various vulnerabilities because it sounds like a joke.
In addition to being, they are much more serious than Meltdown and Specter.
It's time to wait, but don't say they only criticize when Assaulter loved the Threadripper because of how well it moved and made a video.
I quote verbatim: “The operation is epic”, “The results have been amazing”.
Leave it alone, don't bother, because those who come to cry, you know where they come from, from a medium banned by AMD for constantly skipping the NDAs and that they don't have the courage to do the same with Intel. It does not matter what is said already, but it does not take away our sleep. They are visits, the rest, we don't care. We will continue to tell things as they are.
things as they are, except when it is something about Intel that is praised inordinately ... and so it was also, that several visitors who always commented were blocked for making comments in favor of AMD and against Intel.
Make no mistake, who does not speak for or against anyone, they say things as they are. When Intel does things wrong, it is said and criticized, such as its thermal problems in the i7 7700K, but look at the review we have made of this processor. Insults and lack of education on other websites will be allowed, but not here.
I need to mention something very important: to exploit these bugs you need administrator permission on the computer.