Corsair H170i Elite Capellix XT review
Forspoken: PC performance graphics benchmarks
ASRock Z790 Taichi review
The Callisto Protocol: PC graphics benchmarks
G.Skill TridentZ 5 RGB 6800 MHz CL34 DDR5 review
Be Quiet! Dark Power 13 - 1000W PSU Review
Palit GeForce RTX 4080 GamingPRO OC review
Core i9 13900K DDR5 7200 MHz (+memory scaling) review
Seasonic Prime Titanium TX-1300 (1300W PSU) review
F1 2022: PC graphics performance benchmark review
Initial AMD Technical Assessment of CTS Labs Research
AMD now officially responded to the existence of the bugs related to its Ryzen processors, exactly one week after the existence of the security problems have been made public by CTS labs. The CTO states it has been able to reproduce the mentioned issues in the security processor and the chipset developed by ASMedia.
BIOS updates and firmware patches are on the way, also for PSP. The PSP is an ARM core integrated in AMD processors that enables remote management, similar to the Intel Management Engine.
--- AMD---
On March 12, 2018, AMD received a communication from CTS Labs regarding research into security vulnerabilities involving some AMD products. Less than 24 hours later, the research firm went public with its findings.
Security and protecting users’ data is of the utmost importance to us at AMD and we have worked rapidly to assess this security research and develop mitigation plans where needed. This is our first public update on this research, and will cover both our technical assessment of the issues as well as planned mitigation actions.
The security issues identified by the third-party researchers are not related to the AMD “Zen” CPU architecture or the Google Project Zero exploits made public Jan. 3, 2018. Instead, these issues are associated with the firmware managing the embedded security control processor in some of our products (AMD Secure Processor) and the chipset used in some socket AM4 and socket TR4 desktop platforms supporting AMD processors. As described in more detail below, AMD has rapidly completed its assessment and is in the process of developing and staging the deployment of mitigations.
It’s important to note that all the issues raised in the research require administrative access to the system, a type of access that effectively grants the user unrestricted access to the system and the right to delete, create or modify any of the folders or files on the computer, as well as change any settings. Any attacker gaining unauthorized administrative access would have a wide range of attacks at their disposal well beyond the exploits identified in this research. Further, all modern operating systems and enterprise-quality hypervisors today have many effective security controls, such as Microsoft Windows Credential Guard in the Windows environment, in place to prevent unauthorized administrative access that would need to be overcome in order to affect these security issues. A useful clarification of the difficulties associated with successfully exploiting these issues can be found in this posting from Trail of Bits, an independent security research firm who were contracted by the third-party researchers to verify their findings.
The security issues identified can be grouped into three major categories. The table below describes the categories, the AMD assessment of impact, and planned actions.
|
Vulnerability Groups |
Problem Description & Method of Exploitation |
Potential Impact |
Planned AMD Mitigation |
|
MASTERKEY and PSP Privilege Escalation (AMD Secure Processor or “PSP” firmware) |
Issue: Attacker who already has compromised the security of a system updates flash to corrupt its contents. AMD Secure Processor (PSP) checks do not detect the corruption.
Method: Attacker requires Administrative access |
Attacker can circumvent platform security controls. These changes are persistent following a system reboot. |
Firmware patch release through BIOS update. No performance impact is expected.
AMD is working on PSP firmware updates that we plan to release in the coming weeks. |
|
RYZENFALL and FALLOUT
(AMD Secure Processor firmware) |
Issue: Attacker who already has compromised the security of a system writes to AMD Secure Processor registers to exploit vulnerabilities in the interface between x86 and AMD Secure Processor (PSP).
Method: Attacker requires Administrative access. |
Attacker can circumvent platform security controls but is not persistent across reboots.
Attacker may install difficult to detect malware in SMM (x86). |
Firmware patch release through BIOS update. No performance impact is expected.
AMD is working on PSP firmware updates that we plan to release in the coming weeks. |
|
“Promotory” |
|||
|
CHIMERA “Promontory” chipset used in many socket AM4 desktop and socket TR4 high-end desktop (HEDT) platforms. AMD EPYC server platforms, EPYC and Ryzen Embedded platforms, and AMD Ryzen Mobile FP5 platforms do not use the “Promontory” chipset. |
Issue: Attacker who already has compromised the security of a system installs a malicious driver that exposes certain Promontory functions.
Method: Attacker requires Administrative access. |
Attacker accesses physical memory through the chipset.
Attacker installs difficult to detect malware in the chipset but is not persistent across reboots. |
Mitigating patches released through BIOS update. No performance impact is expected.
AMD is working with the third-party provider that designed and manufactured the “Promontory” chipset on appropriate mitigations. |
AMD will provide additional updates on both our analysis of these issues and the related mitigation plans in the coming weeks.
AMD Radeon Pro Duo (Dual Fiji GPUs) Announced + Initial Perf Numbers - 03/15/2016 07:30 PM
Read it well, an announcement, don't expect any reviews. We do have some photo's though. The DUal Fiji GPU based AMD Radeon Pro Duo has been announced. Imagine two Fury X cards and well, there you ...
AMD Mantle Update - Driver released to press - Initial Results - 02/01/2014 10:55 AM
I promised to keep you guys up-to date. AMD has released a Mantle active driver to the press hours ago. So it will not be ling before the first results will appear. The driver apparently will with in ...
sykozis
Senior Member
Posts: 22408
Joined: 2008-07-14
Senior Member
Posts: 22408
Joined: 2008-07-14
#5530761 Posted on: 03/23/2018 05:14 AM
It's a firmware update, not software.
Until someone provides solid, substantiated proof that Intel was somehow involved, it's best to avoid the accusation entirely. It doesn't do anyone any good.
It's a firmware update, not software.
Don't you know? This is 2018 in the guru3d forums, where conspiracy theories are facts.
Until someone provides solid, substantiated proof that Intel was somehow involved, it's best to avoid the accusation entirely. It doesn't do anyone any good.
Aura89
Senior Member
Posts: 8366
Joined: 2008-07-31
Senior Member
Posts: 8366
Joined: 2008-07-31
#5530765 Posted on: 03/23/2018 05:52 AM
Wasn't disagreeing.
Until someone provides solid, substantiated proof that Intel was somehow involved, it's best to avoid the accusation entirely. It doesn't do anyone any good.
Wasn't disagreeing.
Zeka
Member
Posts: 90
Joined: 2016-09-27
Member
Posts: 90
Joined: 2016-09-27
#5531232 Posted on: 03/24/2018 10:17 PM
Yes, perhaps I'm overreacting. Intel is known for employing truthful and honest business practices, and this would be a big stain on their otherwise clean name.
I can't help but wonder, when I take into account everything that was laid out, who gets to profit from such "terrible news" about AMD processors?
1. Marketing-type videos produced by a previously-unknown security research company
2. Extremely short 24 hour notice to AMD before the "security issues" are publicized
3. Hyped up "security issues" which require ADMINISTRATIVE access to exploit, at which point your computer security is already down the toilet
....
Just seems like an attempt to slow down the AMD sales, probably manipulate stock prices etc
Yes, perhaps I'm overreacting. Intel is known for employing truthful and honest business practices, and this would be a big stain on their otherwise clean name.
I can't help but wonder, when I take into account everything that was laid out, who gets to profit from such "terrible news" about AMD processors?
1. Marketing-type videos produced by a previously-unknown security research company
2. Extremely short 24 hour notice to AMD before the "security issues" are publicized
3. Hyped up "security issues" which require ADMINISTRATIVE access to exploit, at which point your computer security is already down the toilet
....
Just seems like an attempt to slow down the AMD sales, probably manipulate stock prices etc
Click here to post a comment for this news story on the message forum.
Senior Member
Posts: 1739
Joined: 2017-06-26
Blame Germany.
I already started to feel guilty, but please tell me why. *lol*
(Pre-guilty-fication! Feeling guilty before you know why! Pro-active behaviour! You can learn a lot from us Germans!)
But BTT:
So AMD says they can fix almost every issue by software patches? This doesn't sound like CTS labs' assumption they cannot fix it.
But one thing comes to my mind: We are talking about AMD's way of "insecure" security management chips, right? Wasn't there an outcry when intel's ME came up about the facts it is encrypted and noone is able to modify the firmware (digitally signed, checksums, etc.) and all is hardlocked and Intel is a bad guy because ME is locked down too much ("You are not the owner of your system anymore" and all this stuff) and has deep system access and so on? So AMD put out their security processor without most of this stuff, it doesn't require digital signatures on its firmware, so WHAT DO YOU WANT??!! This whole "security processor" stuff is useless from my point of view, so a user should have the option to DISABLE this completely.
A "signed firmware update way" ... couldn't care less! What does this change? Some years ago, while on training for my job, we learned how to fake MD5 checksums for example. Then there are tools out there, I think for Need For Speed (cannot recall what part) which change the checksum (I cannot say if MD5 or what) after you edited your savefile (money, parts and stuff, you know?) to match the one you had before, so NFS does not think you modded the savefile. You are able to sign your own drivers, for example win-raid.com does that for their edited drivers (some kind of universal drivers which fit on most systems / chipsets) and that is a good thing, because you do not have to enable the "developer mode" or accept any unsigned drivers at all. So where does "signing a file" provide you with more security? If I would be able to block my oldest daughter from accessing bad youtube videos, THAT would increase security A LOT from my perspective.
And as it was said so much times before: ASMEDIA chips are not only part of AMD's boards, but that is a whole other issue and should be separated from the main outcry, because it is not specific to AMD's devices.
This is yet another conspiracy theory, and written on guru3d, so it must be fact, too. ;-)