Tuesday, May 01, 2018 7:05:19 PM
https://amdflaws.com/
White Paper.
https://safefirmware.com/amdflaws_whitepaper.pdf
Oooops!
AMD Ryzen Chipset
Outsourced Chip Design Contains Backdoors
The chipset is a central component on Ryzen and Ryzen Pro workstations: it links the processor with hardware devices such as WiFi and network cards, making it an ideal target for malicious actors.
The Ryzen chipset is currently being shipped with exploitable backdoors that could let attackers inject malicious code into the chip, providing them with a safe haven to operate from.
AMD’s outsource partner, ASMedia, is a subsidiary of ASUSTeK Computer, a company with poor security track record that has been penalized by the Federal Trade Commission for neglecting security vulnerabilities, and must now undergo independent security audits for the next 20 years.
The Chipset backdoors exist on virtually all Ryzen and Ryzen Pro workstations on the market today.
USB, SATA, PCI-E, and network traffic may flow through the chipset. Malware could leverage this position of power.
Naught Guuud!
AMD Secure Processor
Critical Security Vulnerabilities in the AMD Secure Processor
AMD Secure Processor, responsible for maintaining security within EPYC and Ryzen processors, is currently being shipped with critical security vulnerabilities allowing malicious actors to install malware inside the chip.
The vulnerabilities may allow malicious actors to proliferate through corporate networks using stolen network credentials, by allowing Microsoft Windows Credential Guard to be bypassed.
Secure Encrypted Virtualization, a key feature that AMD advertises to cloud providers, could be defeated as soon as attackers obtain malicious code execution on the EPYC Secure Processor.
A malicious actor can gain full access to the compromised system, its physical memory, peripherals and to the secrets stored inside (fTPM).
Attackers could execute malicious code on the EPYC Secure Processor.
///***********************************************************
RYZENFALL
RYZENFALL allows malicious code to take complete control over the AMD Secure Processor.
Secure Processor privileges could be leveraged to read and write protected memory areas, such as SMRAM and the Windows Credential Guard isolated memory.
Attackers could use RYZENFALL to bypass Windows Credential Guard, steal network credentials, and then potentially spread through even highly secure Windows corporate networks.
Attackers could use RYZENFALL in conjunction with MASTERKEY to install persistent malware on the Secure Processor, exposing customers to the risk of covert and long-term industrial espionage.
///*************************************************************
FALLOUT
The vulnerabilities allow attackers to read from and write to protected memory areas, such as SMRAM and Windows Credential Guard isolated memory (VTL-1).
An attacker could leverage these vulnerabilities to steal network credentials protected by Windows Credential Guard.
An attacker could leverage these vulnerabilities to bypass BIOS flashing protections that are implemented in SMM.
///****************************************************************
CHIMERA
Two sets of manufacturer backdoors discovered: One implemented in firmware, the other in hardware (ASIC). The backdoors allow malicious code to be injected into the AMD Ryzen chipset.
The chipset links the CPU to USB, SATA, and PCI-E devices. Network, WiFi and Bluetooth traffic often flows through the chipset as well. An attacker could leverage the chipset’s middleman position to launch sophisticated attacks.
Chipset-based malware could evade virtually all endpoint security solutions on the market.
Malware running on the chipset could leverage the latter’s Direct Memory Access (DMA) engine to attack the operating system. This kind of attack has been demonstrated.
///**************************************************************
MASTERKEY
Multiple vulnerabilities in AMD Secure Processor firmware allow attackers to infiltrate the Secure Processor.
Enables stealthy and persistent malware, resilient against virtually all security solutions on the market.
Allows tampering with AMD’s firmware-based security features such as Secure Encrypted Virtualization (SEV) and Firmware Trusted Platform Module (fTPM).
Facilitates network credential theft by allowing Windows Credential Guard to be bypassed.
Physical damage and bricking of hardware. Could be used by attackers in hardware-based "ransomware" scenarios.
///*******************************************************************
Recent AMD News
- Form 4 - Statement of changes in beneficial ownership of securities • Edgar (US Regulatory) • 09/17/2024 08:21:52 PM
- Form 4 - Statement of changes in beneficial ownership of securities • Edgar (US Regulatory) • 09/13/2024 08:15:04 PM
- Form 144 - Report of proposed sale of securities • Edgar (US Regulatory) • 09/11/2024 08:19:11 PM
- AMD Advancing AI 2024 Event to Highlight Next-gen Instinct and EPYC Processors and Expanding Solutions Ecosystem • GlobeNewswire Inc. • 09/10/2024 01:00:00 PM
- AMD to Present at the Goldman Sachs Communacopia and Technology Conference • GlobeNewswire Inc. • 09/04/2024 01:00:00 PM
- AMD Appoints AI Industry Veteran Keith Strier to Expand Global AI Capabilities and Engagements • GlobeNewswire Inc. • 09/03/2024 08:15:00 PM
- Form 4 - Statement of changes in beneficial ownership of securities • Edgar (US Regulatory) • 08/22/2024 08:13:14 PM
- AMD 2023-24 Corporate Responsibility Report: Advancing Sustainability, Collaboration and Inclusion • GlobeNewswire Inc. • 08/21/2024 01:00:00 PM
- Form 144 - Report of proposed sale of securities • Edgar (US Regulatory) • 08/20/2024 08:26:54 PM
- AMD to Present at the Deutsche Bank Technology Conference • GlobeNewswire Inc. • 08/20/2024 08:15:00 PM
- Berkshire Reduces Stake in BofA, Hawaiian Airlines Soars 10%, Paramount Receives $4.3B Offer, and More • IH Market News • 08/20/2024 09:56:02 AM
- Form 4 - Statement of changes in beneficial ownership of securities • Edgar (US Regulatory) • 08/19/2024 08:26:24 PM
- Form 4 - Statement of changes in beneficial ownership of securities • Edgar (US Regulatory) • 08/19/2024 08:24:17 PM
- Form 4 - Statement of changes in beneficial ownership of securities • Edgar (US Regulatory) • 08/19/2024 08:22:02 PM
- Form 4 - Statement of changes in beneficial ownership of securities • Edgar (US Regulatory) • 08/19/2024 08:19:38 PM
- Futures Pointing To Roughly Flat Open On Wall Street • IH Market News • 08/19/2024 01:13:22 PM
- Form 8-K - Current report • Edgar (US Regulatory) • 08/19/2024 10:22:30 AM
- AMD to Significantly Expand Data Center AI Systems Capabilities with Acquisition of Hyperscale Solutions Provider ZT Systems • GlobeNewswire Inc. • 08/19/2024 10:00:00 AM
- Form 4 - Statement of changes in beneficial ownership of securities • Edgar (US Regulatory) • 08/13/2024 08:36:07 PM
- Form 4 - Statement of changes in beneficial ownership of securities • Edgar (US Regulatory) • 08/13/2024 08:33:41 PM
- Form 4 - Statement of changes in beneficial ownership of securities • Edgar (US Regulatory) • 08/13/2024 08:31:32 PM
- Form 4 - Statement of changes in beneficial ownership of securities • Edgar (US Regulatory) • 08/13/2024 08:28:11 PM
- Form 4 - Statement of changes in beneficial ownership of securities • Edgar (US Regulatory) • 08/13/2024 08:22:55 PM
- Form 4 - Statement of changes in beneficial ownership of securities • Edgar (US Regulatory) • 08/13/2024 08:20:27 PM
- Form 4 - Statement of changes in beneficial ownership of securities • Edgar (US Regulatory) • 08/13/2024 08:17:08 PM
VHAI - Vocodia Partners with Leading Political Super PACs to Revolutionize Fundraising Efforts • VHAI • Sep 19, 2024 11:48 AM
Dear Cashmere Group Holding Co. AKA Swifty Global Signs Binding Letter of Intent to be Acquired by Signing Day Sports • DRCR • Sep 19, 2024 10:26 AM
HealthLynked Launches Virtual Urgent Care Through Partnership with Lyric Health. • HLYK • Sep 19, 2024 8:00 AM
Element79 Gold Corp. Appoints Kevin Arias as Advisor to the Board of Directors, Strengthening Strategic Leadership • ELMGF • Sep 18, 2024 10:29 AM
Mawson Finland Limited Further Expands the Known Mineralized Zones at Rajapalot: Palokas step-out drills 7 metres @ 9.1 g/t gold & 706 ppm cobalt • MFL • Sep 17, 2024 9:02 AM
PickleJar Announces Integration With OptCulture to Deliver Holistic Fan Experiences at Venue Point of Sale • PKLE • Sep 17, 2024 8:00 AM