AMD confirms flaws found by CTS-labs; promises patches with fixes

Costea Lestoc By: Costea Lestoc
2 minute read

AMD has finally confirmed the flaws announced by CTS-Labs, but it also downplayed their severity. The company promised to release fixes via firmware patches shortly.

CTS-Labs is a small security company that became famous after going public with 13 claimed security flaws that affect AMD’s Zen-based processor families. This happened after CTS-Labs alerted the company privately and when a substantial short on AMD’s stock got issued.

Here are the claimed vulnerabilities, according to AMD

The flaws aka Ryzenfall, Masterkey, Fallout, and Chimera sparked controversy regarding their severity and validity. Everyone was curious what AMD plans to do about this. AMD issued the first statement in which it confirms the flaws but says they have a less severe impact than previously presented by the security firm. AMD also mentioned the Spectre vulnerability that is related to design flaws in the Zen microarchitecture unlike the ones mentioned above.

AMD’s Mark Papermaster stated that the flaws found by CTS-Labs are associated with the firmware managing the embedded security control processor in some AMD products and the chipset used in some socket AM4 and socket TR4 desktop platforms that support AMD CPUs.

AMD said that all these issues require administrative access to the system that grants the user unrestricted access and the right to delete, create or modify any of the system’s data. Attackers would have increased power of exploits. AMD also said that modern Oss have adequate security controls that would prevent this from happening.

AMD confirms that it will release fixes

The company promised that it would release fixes for all these issues as soon as possible via firmware updates. These will have to be integrated into updates coming from each motherboard manufacturer and for each model. In other words, the fixes will probably need a long time and the affected products will receive the patches not as soon as expected. These will not affect the performance or functionality of the affected systems. AMD concluded saying that these flaws are definitely less easy to exploit compared to Spectre and Meltdown ones.

RELATED STORIES TO CHECK OUT:

For various PC problems, we recommend this tool.

This software will repair common computer errors, protect you from file loss, malware, hardware failure and optimize your PC for maximum performance. Fix PC issues now in 3 easy steps:

  1. Download this PC Repair Tool rated "Excellent" on TrustPilot.com.
  2. Click “Start Scan” to find Windows issues that could be causing PC problems.
  3. Click “Repair All” to fix all issues with Patented Technologies (requires upgrade).

Discussions

Next up

Mozilla adds alerts about recently breached sites into Firefox browser

Giles Ensor avatar. By: Giles Ensor
3 minute read

Firefox has announced that it will start to warn users if they visit any breached sites. This is in an attempt to not only make […]

Continue Reading

More uncertainty for Microsoft’s Windows 10 October Update

Giles Ensor avatar. By: Giles Ensor
3 minute read

Oh dear. It’s been a pretty bad month for Microsoft concerning its Windows 10 October 1809 Update release. Microsoft eventually released the update a couple […]

Continue Reading

Confirmed: Microsoft now accepting ARM64 apps on its Store

Giles Ensor avatar. By: Giles Ensor
2 minute read

Yesterday, Microsoft released Visual Studio 15.9. With it came the announcement that “developers now have the officially supported SDK and tools for creating 64-bit ARM […]

Continue Reading