A group of researchers has discovered security flaws in AMD processors that could affect millions of devices. The failure, according to those responsible for the finding, is similar to the Meltdown and Specter vulnerabilities that were discovered in early 2018 on Intel processors.
Security experts from the Israeli company CTS Labs announced the discovery of a total of 13 security flaws or critical vulnerabilities that would affect the processors of the AMD Ryzen and AMD Epyc lines. These failures would allow attackers to access sensitive and confidential user data by installing malware.
A spokesperson for AMD told CNET that in his company “safety is one of the priorities, and we continually work to keep our users safe as new risks arise. We are investigating this analysis, which we have just received, to understand the methodology and value of these findings. ” Officially, AMD has not acknowledged the existence of these rulings until now.
Ryzen processors are part of AMD’s personal consumption line, while Epyc processors are used in servers. CTS Labs communicated the discovery to AMD 24 hours before announcing it publicly, with the intention that they could advance the necessary measures to solve it. In this class of cases it is common for researchers to wait up to 90 days before communicating it to the public.
The vulnerabilities, known as Ryzenfall, Masterkey, Fallout and Chimera, allow an attacker to hide on the processor’s security platform and can not be detected, which would allow access and theft of confidential user data. Originally after the discovery of Meltdown and Specter in the Intel processors, AMD said that only part of the failures connected their chips and since then it has published updates to correct any vulnerability. [ CTS Labs ]