INFRA
INFRA
INFRA
AMD confirms chip vulnerabilities and promises a fix is on its way
Advanced Micro Devices Inc. today confirmed vulnerabilities first disclosed by Israeli security firm CTS Labs last week and has promised that a fix is on its way.
The vulnerabilities, found in AMD’s Epyc secure processor and the Ryzen chipset, could allow attackers to take control of systems running on these chipsets, access secure data and even install malware.
While confirming that the vulnerabilities are real, AMD said that the risk they present is overstated, that there’s no evidence that of any of the potential exploits has been used for malevolent purposes, and that it would be extremely difficult to use any of them to attack computers.
Richard Henderson, global security strategist at Absolute Software Corp., told SiliconANGLE that the research and vulnerabilities shouldn’t be a huge surprise because it’s common for researchers to focus their attention on similar products when a major issue is found.
“In this case, the wide-scale attention that processors and hardware have received as a result of the Spectre and Meltdown vulnerabilities meant that it was probable that something else would be found in other products,” Henderson said. “The odds are good that a particularly skilled cybercriminal or state-sponsored group will leverage these types of vulnerabilities to develop new exploits.”
Henderson cautioned that the first step for enterprises, as with the Spectre and Meltdown flaws, is not to panic. “While these new vulnerabilities do appear to have well-developed proof-of-concept code, there’s nothing in the wild yet taking advantage of them,” he said. “It’s likely we’ll see patches hitting devices sooner rather than later.”
It’s time for enterprises to take full stock of all of their devices to determine how exposed those devices are to these new issues, he added. “Once you have an understanding as to how many devices you have that are vulnerable, you will be in a strong position to either implement additional controls for those endpoints or temporarily swap them out for other unaffected devices until patches can be developed and deployed.”
Image: CTS-Labs
A message from John Furrier, co-founder of SiliconANGLE:
Support our open free content by sharing and engaging with our content and community.
Join theCUBE Alumni Trust Network
Where Technology Leaders Connect, Share Intelligence & Create Opportunities
11.4k+
CUBE Alumni Network
C-level and Technical
Domain Experts
15M+
theCUBE
Viewers
Connect with 11,413+ industry leaders from our network of tech and business leaders forming a unique trusted network effect.
SiliconANGLE Media is a recognized leader in digital media innovation serving innovative audiences and brands, bringing together cutting-edge technology, influential content, strategic insights and real-time audience engagement. As the parent company of SiliconANGLE, theCUBE Network, theCUBE Research, CUBE365, theCUBE AI and theCUBE SuperStudios — such as those established in Silicon Valley and the New York Stock Exchange (NYSE) — SiliconANGLE Media operates at the intersection of media, technology, and AI. .
Founded by tech visionaries John Furrier and Dave Vellante, SiliconANGLE Media has built a powerful ecosystem of industry-leading digital media brands, with a reach of 15+ million elite tech professionals. The company’s new, proprietary theCUBE AI Video cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.
