AMD investigating reports of critical vulnerabilities found in Ryzen chips
Researchers found several security vulnerabilities in various AMD chips which allow attackers to steal sensitive data and install malware on systems powered by AMD CPUs. An Israeli company, CTS-Labs, discovered 13 critical vulnerabilities that affect AMD's EPYC servers and Ryzen workstations. The security report was issued to AMD, Microsoft and a handful of companies.
According to the researchers, the flaws stem from the design of AMD's "security gatekeeper", the Secure Processor, which is the area of the processor where devices store sensitive data including passwords and encryption keys. The white paper CTS-Labs released outlines those flaws. Researchers found four primary types of vulnerabilities that can be leveraged to attack the processors. One nasty vulnerability, called Chimera, was discovered in the Ryzen CPU. Chimera has two sets of manufacturer backdoor flaws: one in firmware and the other in hardware. This allows malicious code to be injected into Ryzen chipsets.
Another vulnerability found is Ryzenfall. Ryzenfall allows malicious code to take complete control over the AMD Secure Processor and leverage its privileges to read and write protected memory such as SMRAM and Windows Credential Guard isolated memory. The third flaw impacts the EPYC server chips and has the same effect as Ryzenfall in that it also allows reading and writing of protected memory areas.
These flaws may lead to hardware-based ransomware by causing damage to physical hardware and bricking hardware. This is the latest hit for chip makers after the Spectre and Meltdown flaws disclosed by Google Project Zero. Both AMD and Microsoft are currently working on patches to fix the flaws, but it may be months before patches are released.