Wednesday, December 19th 2012
It looks like somebody found a security vulnerability in the auto-update feature of AMD Catalyst Control Center (CCC), which notifies you of updates to Catalyst system software and directs you to the download page. AMD announced that it plans to discontinue the feature starting in 2013, and recommends that you get your driver updates the old-fashioned way: by keeping up with the news and getting your drivers from the internet. Due to the severity of the exploit, AMD recommended users to disable auto-updates in their current CCC configuration, or click on "skip" whenever it prompts you to update drivers. AMD stated:
AMD will be removing the auto-update notification functionality from versions of AMD Catalyst Control Center running under Windows Vista, Windows 7 and Windows 8, beginning in early 2013. Due to a minor security vulnerability in the auto-update notification, users are recommended to update to the latest AMD Catalyst driver release from the amd.com web site. Alternatively, users should (i) uncheck the "Automatically check for updates" option under AMD Catalyst Control Center > Information > Software Update, and (ii) choose to "Skip" notifications from the AMD Catalyst driver, which notifications recommend updating to the latest driver.