CTS who? AMD brushes off chipset security bugs with firmware patches
Just give it a few weeks notice next time, not 24 hours
AMD has finally weighed in with its opinion of the security flaws in its Epyc, Ryzen, Ryzen Pro, and Ryzen Mobile chips, identified in a rather over-the-top fashion by CTS-Labs a week ago.
The vulnerabilities affect the firmware managing the AMD Secure Processor and the chips used in some socket AM4 and socket TR4 desktop platforms running AMD silicon.
In a post to the AMD website on Tuesday, Mark Papermaster, senior VP and CTO of AMD, downplays the severity of the bugs and promises firmware fixes to come.
"It’s important to note that all the issues raised in the research require administrative access to the system, a type of access that effectively grants the user unrestricted access to the system and the right to delete, create or modify any of the folders or files on the computer, as well as change any settings," said Papermaster.
"Any attacker gaining unauthorized administrative access would have a wide range of attacks at their disposal well beyond the exploits identified in this research."
Papermaster adds that modern operating systems and hypervisors have additional security controls, such as Microsoft Windows Credential Guard, that can prevent the privilege elevation necessary to exploit the vulnerabilities identified.
He points to observations made last week by Dan Guido, CEO of security firm Trail of Bits and the researcher who helped verify CTS-Labs' findings, that attempt to clarify the risks posed by the flaws.
OK, deep breath, relax... Let's have a sober look at these 'ere annoying AMD chip security flawsREAD MORE
Guido last week said much the same thing as Papermaster, that the bugs are not easy to exploit.
"There is no immediate risk of exploitation of these vulnerabilities for most users," said Guido. "Even if the full details were published today, attackers would need to invest significant development efforts to build attack tools that utilize these vulnerabilities."
AMD says it will provide firmware patches through a BIOS update for MASTERKEY, FALLOUT, and RYZENFALL, and will also provide a firmware fix for its Secure Processor (PSP) in the coming weeks. The company insists there will be no performance hit.
The chip designer said it also intends to release a mitigation patch through a BIOS update for the CHIMERA bug. In addition, it is "working with the third-party provider that designed and manufactured the 'Promontory' chipset on appropriate mitigations."
Papermaster added that the security issues identified by CTS-Labs are not related to the vulnerabilities identified by a Google researcher in January this year. ®