March 15, 2018 | By Joel Odom
According to hardware security firm CTS-Labs, several widely-deployed AMD microprocessors contain vulnerabilities that allow attackers to take a successful attack to a more advanced level. The vulnerabilities, disclosed in a 20-page white paper entitled, "Severe Security Advisory on AMD Processors," all require an attacker to gain full control of a target's operating system before the AMD attacks may be employed. This means that a successful attack against an operating system would allow attackers to pivot the attack to the hardware, where the attack will be more persistent, more difficult to detect, and where the attacks can reach to parts of the victim's hardware that would normally be out of reach from purely software-based attacks.
IISP Analyst Joel Odom: "The past few years have seen an increase in cyberattacks against hardware. Last year, Chris M. Roberts and I commented on the AnC Attack, which defeats Address Space Layout Randomization (ASLR). I also wrote about a problem that allows attackers to take over a PC via USB. Most recently, Spectre and Meltdown have demonstrated how difficult it is to secure a modern microprocessor. It is my opinion that this upward trend in hardware-based attacks will continue.
The manner by which these particular AMD vulnerabilities were disclosed is noteworthy. The standard practice in the security industry is to give companies at least 90 days to fix a vulnerability before public disclosure. In this case, CTS-Labs (an Israeli research organization that published the white paper) gave AMD just one day of notice. The disclosure report also has a disclaimer that states, "The report and all statements contained herein are opinions of CTS and are not statements of fact," and that CTS may hold "an economic interest in the performance of the securities of the companies whose products are the subject of our reports." The cybersecurity world has noted that CTS's handling of the disclosure smells foul. That said, other side discussions that I have been tracking in the information security community lead me to believe that the disclosed flaws are serious problems and warrant immediate attention."
For further reading
- ArsTechnica: https://arstechnica.com/information-technology/2018/03/a-raft-of-flaws-in-amd-chips-make-bad-hacks-much-much-worse/
- CTS-Labs Severe Security Advisory: https://amdflaws.com/
Joel Odom leads a team of researchers focused on software security as branch head for the Cybersecurity, Information Protection, and Hardware Evaluation Research (CIPHER) Laboratory at the Georgia Tech Research Institute. He and his team research static and dynamic software analysis, software testing techniques, software reverse engineering, and software vulnerability discovery and mitigation.