Home AMD says CTS Labs vulnerabilities can be patched with new firmware
News

AMD says CTS Labs vulnerabilities can be patched with new firmware

Renee Johnson
Disclosure
Disclosure
In our content, we occasionally include affiliate links. Should you click on these links, we may earn a commission, though this incurs no additional cost to you. Your use of this website signifies your acceptance of our terms and conditions as well as our privacy policy.

Amid the tumult that CTS Labs stirred up with its questionably-conducted disclosure of a range of potential vulnerabilities in AMD hardware last week, it's important to remember that those vulnerabilities are, by the accounts of all who have seen proof-of-concept code, legitimate. While the vulnerabilities generally require administrative rights to exploit, they reward that privilege escalation with the potential to compromise a system's hardware root of trust or install persistent malware. Today, AMD announced plans to begin mitigating the four categories of exploits that CTS Labs revealed through its disclosure. Happily, the company believes it can safeguard its processors and chipsets against all of these vulnerabilities through firmware updates.

As a brief refresher, the so-called "Masterkey" vulnerability allows an attacker to compromise the AMD Secure Processor, an integrated ARM core that handles some platform security functions for some Ryzen and Epyc systems, by installing a corrupted firmware that the Secure Processor does not detect during its own self-checks. Once the Secure Processor is compromised in this way, an attacker could persistently bypass the protections of AMD's Secure Encrypted Virtualization and Firmware Trusted Platform Module features. CTS Labs also warns that Masterkey exploits could bypass Windows' Credential Guard features and physically damage or "brick" affected hardware. AMD says a firmware patch for this issue will arrive "in the coming weeks."

The Ryzenfall and Fallout vulnerabilities, according to AMD, allow an attacker to write to some of the Secure Processor's own registers. That access could allow an attacker to read or write to protected memory regions for x86 System Management RAM and Windows Credential Guard. In conjunction with the Masterkey vulnerability, CTS Labs says Ryzenfall could be used to install persistent malware on a system. As with Masterkey, AMD believes it can mitigate the issue through a firmware update, and it plans to release those mitigations soon.

Finally, AMD says the Chimera vulnerability in its Promontory chipset silicon can be exploited by an attacker who can install a malicious driver on a system. Once that's done, the company says "certain Promontory functions" can be exposed. AMD says Chimera can be used to access physical memory through the chipset or to install malware on the chipset that does not persist across reboots. AMD says it is working with the "third-party provider"—ASMedia, by CTS Labs' account—that designed and produced the Promontory chipset to mitigate the problem. Like the other two vulnerabilities, AMD expects that Chimera can be mitigated through a firmware update that will arrive soon.

If AMD can, in fact, mitigate these issues through firmware updates alone, owners of its processors and platforms will likely be able to breathe a little easier. Presumably, CTS Labs will test those mitigations independently and determine whether those customers are, in fact, safe. We'll continue to keep an eye on this story as it develops.

Latest News

Top Crypto Gainers on 18 March – AVAX and RNDR
Crypto News

Top Crypto Gainers on 18 March – AVAX and RNDR

smartphone security organization
Community Contributions

How to Successfully Tackle Smartphone Security in Your Organization

With so many new smartphone models being rolled out each year, it’s crucial to stay on top of security for your business. The last thing you want is to experience...

meme-season (1)
Crypto News

8 Meme Coins to Consider for Investment During the Current Meme Coin Trend

Meme coins recorded jaw-dropping returns in the past couple of weeks. Many household projects pushed towards its new ATHs in recent weeks. Dogwifhat, surged over 600% in the last week...

SpaceX Is Building A Network Of 100 Spy Satellites For The US
News

SpaceX Is Building a Network of 100 Spy Satellites for the US Government, Angers China

IMF Shared An Update About The February Security Breach
News

IMF Shared an Update about the February Security Breach – All Affected Email Accounts Resecured

Taylor Swift in concert
Statistics

9 Taylor Swift Controversies – The Numbers Behind the Drama

What is Darwin AI, Apple’s Latest AI Acquisition?
News

What is Darwin AI, Apple’s Latest AI Acquisition?