Spectre-like CPU flaws revealed in AMD’s Ryzen and Epyc processors

by Ugnius Kiguolis - -

CTS-Labs discovered a Spectre-like vulnerability in AMD‘s Ryzen and EPYC chips

Specre-like CPU flaw revealed in AMD's processors

CTS-Labs,[1] an unknown security company based in Israel, reported a severe CPU flaw in AMD‘s Ryzen and EPYC chips. The company claims to have revealed 13 vulnerabilities that would allow criminals to inject malware and leak personal data.

The company claims that the vulnerabilities of the AMD‘s processors are incredibly worrisome as the flaw resides in the parts that are supposed to be the most protected. The vulnerable parts contain personal information, including passwords, login information, encryption key, etc. the leakage of which would cause severe damage.

For the last couple of month, IT-related news sites and forums are flickering with the warning regarding Spectre and Meltdown vulnerabilities,[2] which pose a high-risk to millions of Intel, AMD, and other modern processor users‘ of cyber attacks. Whether the current AMD‘s vulnerability is yet another severe threat is still a debatable question.

CTS-Labs gave AMD 24 hours to check the vulnerabilities

Standard deadline for a weakness to be analyzed by the respective company is 90 days. Within the period, the company responsible for the flaw has the right not to comment on the issue and approve or deny the problem when the actual test results are prepared.

In case of security vulnerability in Ryzen and EPYC chips, AMD has been demanded to verify the condition of its processors within 24 hours.[3] A day for fixing critical flaws is not sufficient to address the problem adequately or, at least, check whether it‘s real. Even the infamous Spectre and Meltdown patches have to be addressed in six months on behalf of Google researchers‘ demand.

The undergoing investigation is expected to reveal whether such a quick response is required due to the seriousness of the vulnerability or it‘s just an unfounded whim of CTS-Labs. AMD company reacted immediately and promised to check all supposedly found issues, but did not restrain from commenting on the CTS-Labs untrustworthiness:

unusual for a security firm to publish its research to the press without providing a reasonable amount of time for the company to investigate and address its findings.

Initially mocked, the issues was approved to be real

The revelation of CTS Labs test results initially triggered diverted opinions among IT specialists. Most of them disapproved the foundings and „mocked“ the whole project. Linus Torvalds, the creator of Linux, was one of the active figures who tried to refute the claims about AMD‘s Ryzen and EPYC chips. He said in a Google + discussion:

When was the last time you saw a security advisory that was basically 'if you replace the BIOS or the CPU microcode with an evil version, you might have a security problem?' Yeah.

Later he added:

I just found a flaw in all of the hardware space. No device is secure: if you have physical access to a device, you can just pick it up and walk away. Am I a security expert yet?

However, AMD was quick to respond to the current situation and, surprisingly to the opposite parties, it admitted that the security flaw is real. Dan Guido, one of the company‘s researchers, confirmed the flaw:[4] 

Regardless of the hype around the release, the bugs are real, accurately described in their technical report (which is not public afaik), and their exploit code works.

Ryzenfall, Master Key, Fallout, and Chimera. What are the dangers of these flaws?

Dubbed as Ryzenfall, Master Key, Fallout, and Chimera, the security flaws revealed in AMD‘s Ryzen processor, and EPYC server processors seem not to have been exploited by criminals yet.

The danger of these flaws is rather exaggerated. It turns out that to exploit them for malware injection and data leakage, criminals need administrative privileges. Although the flaw is not expected to go wild, crooks who might have administrative access to PCs might do practically anything on a targeted device.[5] 

Therefore, it‘s advisable to stay in touch with the latest news about the flaw and install the BIOS updates that contain AMD‘s processors‘ patches.

Prevent websites, ISP, and other parties from tracking you

Private Internet Access is a VPN that can prevent your Internet Service Provider, the government, and third-parties from tracking your online and allow you to stay completely anonymous. The software provides dedicated servers for torrenting and streaming, ensuring optimal performance and not slowing you down. You can also bypass geo-restrictions and view such services as Netflix, BBC, Disney+, and other popular streaming services without limitations, regardless of where you are.

A VPN is also crucial when it comes to user privacy. Online trackers such as cookies can not only be used by social media platforms and other websites but also your Internet Service Provider and the government. Even if you apply the most secure settings via your web browser, you can still be tracked via apps that you are connected to the internet. Besides, privacy-focused browsers like Tor is are not an optimal choice due to diminished connection speed.

Therefore, to stay completely anonymous and prevent the ISP and the government from spying on you, you should employ Private Internet Access VPN. It will allow you to connect to the internet while being completely anonymous, prevent trackers, ads, as well as malicious content. Most importantly, you will prevent the illegal surveillance activities that NSA and other governmental institutions are performing behind your back.

 

Recover your lost files quickly

Unforeseen circumstances can happen at any time while using the computer: it can turn off due to a power cut, a Blue Screen of Death (BSoD) can occur, or random Windows updates can decide to reboot the machine when you went away for a few minutes. As a result, your schoolwork, important documents, and other data might be lost.

Additionally, you might also be attacked by malware that can corrupt your Windows or encrypt files with a robust encryption algorithm, and ask for a ransom in Bitcoin for the decryption tool. Cybercriminals might not deliver what they promised, however, so it is better to attempt alternative file recovery methods that could help you to retrieve at least some portion of the lost data.

Data recovery software is one of the options that could help you recover your files. Once you delete a file, it does not vanish into thin air – it remains on your system as long as no new data is written on top of it. Data Recovery Pro is recovery software that searchers for working copies of deleted files within your hard drive. By using the tool, you can prevent loss of valuable documents, school work, personal pictures, and other crucial files.

About the author
Ugnius Kiguolis
Ugnius Kiguolis - The problem solver

Ugnius Kiguolis is the founder and editor-in-chief of UGetFix. He is a professional security specialist and malware analyst who has been working in IT industry for over 20 years.

Contact Ugnius Kiguolis
About the company Esolutions

References


Your opinion regarding Spectre-like CPU flaws revealed in AMD’s Ryzen and Epyc processors