Slashdot Mirror


After Intel ME, Researchers Find Security Bug In AMD's SPS Secret Chip-on-Chip (bleepingcomputer.com)

An anonymous reader writes: AMD has fixed, but not yet released BIOS/UEFI/firmware updates for the general public for a security flaw affecting the AMD Secure Processor. This component, formerly known as AMD PSP (Platform Security Processor), is a chip-on-chip security system, similar to Intel's much-hated Management Engine (ME). Just like Intel ME, the AMD Secure Processor is an integrated coprocessor that sits next to the real AMD64 x86 CPU cores and runs a separate operating system tasked with handling various security-related operations.

The security bug is a buffer overflow that allows code execution inside the AMD SPS TPM, the component that stores critical system data such as passwords, certificates, and encryption keys, in a secure environment and outside of the more easily accessible AMD cores. Intel fixed a similar flaw last year in the Intel ME.

6 of 76 comments

  1. Not the same? Not an actual backdoor? by Futurepower(R) · Score: 5, Informative

    Quote from a complaining comment about the Bleeping Computer story: "Garbage FUD probably hired by Intel, and it wouldn't be surprising. In order to exploit AMD's TPM (which is an easy BIOS fix) the hacker needs physical access to the motherboard... at that point the hacker may as well have armed forces hijack the data center."

    1. Re:Not the same? Not an actual backdoor? by Anonymous Coward · Score: 4, Informative

      This AMD PSP vuln requires prerequisite physical access.

    2. Re:Not the same? Not an actual backdoor? by BlueCoder · Score: 3, Interesting

      No, it isn't the same. Until you show me that it can be used through a network attack. While it is a security bug, it's relevant to a TPM boot chain.

      Who is using TPM? I've considered getting one at home just to play around with it.
      To me TPM has been in perpetual development because of bugs. And honestly, until there are BIOS settings which enable ME to manage all of its keys, then I will never trust it.

    3. Re:Not the same? Not an actual backdoor? by serviscope_minor · Score: 3, Insightful

      Because buffer overflows are only usable with physical access?

      Doesn't that depend on what the buffer overflow exploit is in?

      I have not RTFA because this is slashdot, but buffer overflows are not de-facto remote exploits. If the buffer is accessible via the network, you're in the crap. If it's only available locally then it's only a local exploit.

      Of course local privilege elevation is bad because that's only one remote unprivileged exploitation away from being a remote root access. No idea what this one is.

      Either way though, that obnoxious bastard Stallman was fucking right again[*].

      Can't see the source, can't fix it, can't trust it.

      [*]Part of his obnoxiousness is consistently being right about paranoid, inconvenient things.

      --
      SJW n. One who posts facts.

  2. Luckily it can be officially disabled... by HalAtWork · Score: 4, Informative

    ...at least when mainboard makers support the option in UEFI.

    https://www.phoronix.com/scan....

  3. Re:iRONY by DontBeAMoran · Score: 3, Interesting

    It seems that particular AMD bug can be disabled/bypassed by a BIOS/UEFI update, so the suggestion is still valid.

    --
    #DeleteFacebook