Researchers Find 13 Big Vulnerabilities In AMD Zen Architecture



/ 3 months ago

AMD Ryzen Threadripper Roadmap Up To 2020 Leaked

Major Issues In AMD Zen Architecture

In 2017, one of the biggest success stories in the world of PC hardware was the AMD Ryzen processors. Utilising the brand new AMD Zen architecture they were one of the years biggest and most popular sellers. As I write this to you now, a Ryzen 5 1600X sits in my system. A new report, however, gives me cause for some concern.

In a report via TechPowerUp, researchers have found that 13 major security vulnerabilities exist on the Zen architecture including several which allow for backdoor access. The scale of the vulnerabilities is being put on a scale possibly on par with Spectre and Meltdown.

The areas in which vulnerabilities exist

The areas of potential security issues have been broken down into 4 key areas. Of course, the exact nature of the issues is not revealed to prevent anyone potentially trying to exploit them.

MASTERKEY

The first issue looks at ‘Masterkey’ which operated as part of the secured boot feature. It has been found that an exploit can allow for an infected system bios to be installed which would not be detected.

RYZENFALL

Despite the name (which I love), there is nothing to be happy about here. This exploit could potentially allow for a malware code to be stored in the secure processor memory. This could allow for the malware to be executed while the PC runs. Admittedly, this would have to be exceptionally well-designed malware, but it is clearly still possible.

FALLOUT

The next exploit is known as ‘Fallout‘ but the good news is that it’s thought it should only affect AMD EPYC servers. This exploit is overall similar in style to Ryzenfall as it could potentially see sensitive memory attacked with just a different angle of attack.

CHIMERA

This one is a little more involved, but it is thought to that the exploit is found more with motherboards than with the processor itself. Particularly through a link of outsourcing which Ryzen did with the chipsets. This specific exploit may potentially be able to access Dynamic Memory which could, by proxy, allows access to the read/write function of the system memory.

Should I be worried?

The short answer is probably not. That being said, however, with the new Ryzen processors set to run on this AMD Zen architecture, who knows what implications this could have on their brand new line of CPU’s. In addition to the current Ryzen processors, you wouldn’t be too comfortable buying a new one if there is any underlying issues.

What do you think? A concerning breach? In addition, do you think it will affect the new Ryzen release? – Let us know in the comments!

amd logo amd zen

Support eTeknix.com

By supporting eTeknix, you help us grow. And continue to bring you the latest news, reviews, and competitions. Follow us on Facebook and Twitter to keep up with the latest technology. Share your favourite articles, chat with the team and more. Also check out eTeknix YouTube, where you’ll find our latest video reviews, event coverage and features in 4K!

eTeknix FacebookeTeknix TwittereTeknix Instagram

Check out our Latest Video

Topics: , , , , ,

Support eTeknix.com

By supporting eTeknix, you help us grow. And continue to bring you the latest news, reviews, and competitions. Follow us on Facebook and Twitter to keep up with the latest technology. Share your favourite articles, chat with the team and more. Also check out eTeknix YouTube, where you'll find our latest video reviews, event coverage and features in 4K!
eTeknix FacebookeTeknix TwittereTeknix Instagram

Check out our Latest Video

Comments

2 Responses to “Researchers Find 13 Big Vulnerabilities In AMD Zen Architecture”
  1. RedSymphony says:

    The paper was utter bullshit. The statements made within it are absolutely NOT what any infosec researcher would say or do if a flaw was discovered.

    It’s certainly an AMD stock manipulation tactic (it even says at the end that they have the interest of AMD’s value). Saying “AMD’s value should be at £0.00 and they will have to file for bankruptcy” and “AMD will have to cease to sell Ryzen CPUs” are statements that you’d expect to find posted in a YouTube comment section by a Intel fanboy, NOT an infosec researcher publishing a paper on their findings. Those lines are there to scare people as they are just opinion, not something you’d include in your report.

    Ten you have the whole thing about the company not existing until a few months ago and using stock assets from other websites to create their website and Youtube videos.

Speak Your Mind

Tell us what you're thinking...
and oh, if you want a pic to show with your comment, go get a gravatar!


Optimized with PageSpeed Ninja