AMD Says Patches Coming Soon For Chip Vulnerabilities

wiredmikey writes: After investigating recent claims from a security firm that its processors are affected by more than a dozen serious vulnerabilities, chipmaker Advanced Micro Devices (AMD) says patches are coming to address several security flaws in its chips. In its first public update after the surprise disclosure of the vulnerabilities by Israeli-based security firm CTS Labs, AMD said the issues are associated with the firmware managing the embedded security control processor in some of its products (AMD Secure Processor) and the chipset used in some socket AM4 and socket TR4 desktop platforms supporting AMD processors.

AMD said that patches will be released through BIOS updates to address the flaws, which have been dubbed MASTERKEY, RYZENFALL, FALLOUT and CHIMERA. The company said that no performance impact is expected for any of the forthcoming mitigations.

Re:"Vulnerabilities"

The list of vulnerabilities require administrator access. I doubt real security researchers would even consider that a vulnerability.

It's a vulnerability, it's just not one that warrants much concern. This comic comes to mind, though the caption should be "they can install drivers, replace the entire system, read any file they want, sniff all my packets, login to my facebook, my email, etc.. but at least they can't replace my BIOS, or read super-secret areas of the CPU!"