CTS Lab is the Israeli security firm that published the report revealing the critical Spectre like exploits to which virtually all AMD CPUs are vulnerable, however, questions were raised due to the lack of proof-of-concept for the security exploits and some started to question the legitimacy of the report and the firm itself.
However, the firm has revealed that it has sent out the proof-of-concept for the Spectre like exploits to not only AMD but to other major tech companies.
In a statement to Techpowerup, the firm said that it has sent out “complete research package” to AMD, Microsoft, HP, Dell, Symantec, FireEye, and Cisco Systems which includes full technical write-ups about the vulnerabilities, functional proof-of-concept exploit code along with the instructions detailing how to recreate the exploits.
However, the security firm was somewhat criticized over giving AMD just 24 hours before making the report public because usually, the firms give 90 days margin to the company before the report is made public.
However, CTS Lab has asked everyone to look at the situation objectively as the AMD costumers and the company itself are aware of the exploits.
If you look at the situation in the following way: right now the public knows about the vulnerabilities and their implications, AMD is fully informed and developing patches, and major security companies are also informed and working on mitigation.
On the other hand, AMD has neither confirmed nor denied that the exploits, mentioned in the report, do indeed exist and has only stated that it is investigating the exploits and prioritizes the security of its customers.
These exploits emerged following AMD claiming that AMD ZEN 2 architecture in immune to Spectre and meltdown. Not only that the company claimed that the architecture will be safe from potential exploits that could be found in the future.
What is your take on the situation? Let us know in the comments.