Just recently, CTS Labs reported 13 AMD security exploits and claimed that virtually all AMD CPUs are vulnerable to these exploits. However, the lack of proof-of-concept in the report raised questions regarding the legitimacy of the report but, AMD has seemingly confirmed the flaws and will be rolling out fixes in coming weeks.
According to the company, these AMD security exploits grant the users unrestricted access to a system and gives the right to delete or create anything within the system.
It’s important to note that all the issues raised in the research require administrative access to the system, a type of access that effectively grants the user unrestricted access to the system and the right to delete, create or modify any of the folders or files on the computer, as well as change any settings.
However, AMD has assured that it will be rolling out fixes for these security exploits soon so all the AMD CPU owners will have to wait a bit. Also, AMD has noted that these fixes or patches won’t affect the performance and the exploits themselves are not relates to Spectre and Meltdown exploits.
As for the lack of proof-of-concept in the report, the firm itself confirmed that they sent out the proof-of-concept for the Spectre-like exploits to not only AMD but to other major tech companies.
While AMD has confirmed that the security exploits can potentially put devices at risk but according to Linux creator, the report looks more like stock manipulation than a security advisory.
He further criticized that is you replace the “BIOS or the CPU microcode with an evil version, you might have a security problem?’ Yeah”.
In related news, AMD has cut prices for the existing Ryzen products in anticipation of the upcoming Ryzen 2000 CPUs and APUs. The products that have received a price cut include Ryzen Threadripper 1920X, Ryzen Threadripper 1950X, Ryzen 3 1300X, Ryzen 7 1700X, Ryzen 7 1800X and more.