Woody Leonhard's no-bull news, tips and help for Windows, Office and more… Please disable your ad blocker – our (polite!) ads help keep AskWoody going!
Home icon Home icon Home icon Email icon RSS icon
  • AMD Ryzen processor vulnerability

    Posted on March 13th, 2018 at 20:49 woody Comment on the AskWoody Lounge

    It’s been all over the news, but I’m not yet convinced that there’s anything there, there.

    Dan Goodin at Ars Technica has a technical analysis:

    The flaws—in AMD’s EPYC, Ryzen, Ryzen Pro, and Ryzen Mobile lines of processors—require attackers to first gain administrative rights on a targeted network or computer, which is a hurdle that’s difficult but by no means impossible to clear. From there, attackers can exploit the vulnerabilities to achieve a variety of extraordinary feats that would be catastrophic for the owners’ long-term security.

    That — and the whole super-hyped marketing pitch — have given me pause.

    I like the balance from Kevin Beaumont on his personal blog:

    I would encourage security researchers not to disclose vulnerabilities like this. If you have vulnerabilities that you truly think are serious and truly want to provide information so people can protect themselves, work to get them resolved and work with the cyber security community around mitigations. The only real public exploit here at the moment is a press exploit. This situation should not be happening.

    Which is exactly why I’m not going to write anything about it for Computerworld.

    If that helped, take a second to support AskWoody on Patreon

    Home Forums AMD Ryzen processor vulnerability

    This topic contains 11 replies, has 8 voices, and was last updated by  anonymous 1 day, 5 hours ago.

    • Author
    • #175389 Reply

      Da Boss

      It’s been all over the news, but I’m not yet convinced that there’s anything there, there. Dan Goodin at Ars Technica has a technical analysis: The fl
      [See the full post at: AMD Ryzen processor vulnerability]

      7 users thanked author for this post.
    • #175405 Reply

      AskWoody Lounger

      Once again Da Boss demonstrates that discretion indeed is the better part of valor.

      1 user thanked author for this post.
    • #175421 Reply

      AskWoody MVP

      My first thought when I read those people gave just a few hours to AMD instead of the normal 90days before disclosure was that they had bad motives. Why would you do that? So you can get publicity for those little names you gave those issues before researchers find them not important enough or have mitigated them? Or maybe you are sponsored by a competitor or someone who has an interest in seeing AMD not succeed with its new processors? That is really fishy and I applaud Woody for not contributing to the noise.

      3 users thanked author for this post.
      • #175595 Reply


        Well put. I share similar feelings about this. Something is really fishy.

        Some also have hypothesized it was a targeted “stock shock” towards AMD. Whoever is running and/or funding CTS behind the scenes has “shown his quality” (Faramir, from Lord of the Rings).

        Part of me wouldn’t be surprised if Intel was behind this via many shell companies. But there are also a lot of so-called “security researchers” who want nothing more than to make a name for themselves. They’re not interested in things like responsible disclosure, industry courtesy, and customer protection.

    • #175471 Reply


      So, WaaS new ! Intel ME/AMT/vPro/Minix is not secure. AMD Platform Security Processor is also not secure.

      Keep in mind that both co-processors are sold as a business feature for Remote Computer Management where a Windows IT Admin can remotely power up the company’s computers at a remote location(eg at an overseas branch) to be able to even reinstall the OS remotely, as long as the remote and dormant computers are connected to the AC wall outlet and router.
      Both the master and client/remote computers have to be properly setup to utilize this feature, eg enabled in BIOS firmware, password set, a specialized 3rd-party program installed, etc. Please refer to … https://www.howtogeek.com/56538/how-to-remotely-control-your-pc-even-when-it-crashes/

      So, if a hacker could steal the credentials/password of such a Windows IT Admin, he/she already has the key to the “kingdom” or the company’s “treasures”, eg plant persistent malware/ransomware in all the company’s computers locally and remotely – no need to hack Intel ME/AMT or AMD PSP.

    • #175496 Reply

      AskWoody Lounger

      Were still waiting for the whole Meltdown/Spectre thing to fire up. So far much to do about nothing. Maybe we will see more with AMD maybe not, even a validated POC doesn’t mean imminent doom.

      1 user thanked author for this post.
    • #175514 Reply

      The Surfing Pensioner
      AskWoody Lounger

      It did cross my mind that in all the furore about Spectre/Meltdown vulnerabilities, future exploits were being virtually blueprinted for anyone with the technical ability and the malice to want to circulate them.

    • #175562 Reply

      AskWoody Lounger

      Intel and their stockholders must be ecstatic


    • #175578 Reply


      I actually do think this needs coverage but not in the regular way, but more along the lines of the “Streissand effect” against Viceroy and CTS Labs.

      Viceroy are on their 3rd strike on launching a critical report to lower share values on the stock market, and are currently under investigation in Germany for one of their previous ones:



      We know of many cases where software vulnerabilities are weaponized for various reasons, mostly espionage, but this seems to be the most blatant case of weaponizing software vulnerabilities to result in a tank at the stock market.

      Malicious intent with previous “hit-jobs” following the same trend should ultimately result in enough bad publicity and legal consequences to render this current and future “hit-jobs” powerless.

      2 users thanked author for this post.
    • #175605 Reply

      AskWoody MVP

      Meh, another mitigation protection to disable in Windows

    • #175933 Reply


      Is this even news?  Ryzen is first generation of a new processor architecture with only a year under its belt.  Greater amount of firmware bugs should be expected for the next couple years, and the majority of these exploits are just that and fixable.

      What I don’t see in the report is any mention of legitimate hardware errors.  The one hardware problem (Chimera) affects the northbridge of the x370 chipset boards.  It’s also unclear how they could affect this outside of having physical access to the motherboard to manipulate the Direct Memory Access (DMA) channel between bridge and cpu.  Likewise their proof of concept hasn’t been capable of doing anything, only shown that they could upload arbitrary code.

      This isn’t something like a 20 year flaw in architecture design, these are teething problems of a new system.

    Please follow the -Lounge Rules- no personal attacks, no swearing, and politics/religion are relegated to the Rants forum.

    Reply To: AMD Ryzen processor vulnerability

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.

    Your information: