• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

13 Major Vulnerabilities Discovered in AMD Zen Architecture, Including Backdoors

Joined
Apr 16, 2010
Messages
3,141 (1.03/day)
Likes
1,124
Location
Portugal
System Name _JP_'s Daily Driver
Processor AMD Ryzen 7 1700
Motherboard MSI X370 Gaming Plus
Cooling Noctua NH-C12P SE14 + NM-AM4 + NF-P14r
Memory 2x 8GB G.Skill Trident Z (F4-3200C16D-16GTZB)(Hynix)
Video Card(s) MSI AMD Radeon R9 280X Gaming
Storage HyperX Savage 240GB + KC300 240GB + 750EVO 500GB
Display(s) LG Flatron W2361V 23'' FHD
Case NOX Blaze
Audio Device(s) ASUS Xonar DX
Power Supply Corsair TX650M
Mouse Microsoft Comfort Mouse 4500
Keyboard Logitech Media Keyboard (PS/2)
Software Windows 10 x86-64 (1703)
Subjectively speaking, compared to Meltdown attack page, this one has waaaay too many AMD logos. Without reading the text, one might actually mistake it for an ad! Count me up holding a pitchfork if Intel turned out to have a hand in this.

Objectively speaking, smear campaign or no, a vulnerability is a vulnerability. I'm personally quite illiterate on this matter so I'll defer judgement until "for dummies-"style security expert blog posts and articles start popping up.
If proved true, the usual applies.
Common sense running programs and visiting the internet, make sure you have backups (cold ones preferably), patch as soon as possible.
When it can survive a reinstall it's still a big issue. If these flaws are confirmed they are fairly signifigant.

As I said earlier, 2018 is going to be a rough year for processor security...
Only if it's embedded in firmware, but to reach that far, so much needs to be compromised to begin with...
 
Joined
Mar 23, 2016
Messages
1,338 (1.53/day)
Likes
1,529
Location
AK, USA
Processor Ryzen 5 2600X - 4.1 GHz
Motherboard MSI B350M Gaming Pro
Cooling Scythe Kotetsu with AM4 bracket
Memory PNY Anarchy-X XLR8 Red DDR4 3200 MHz C16
Video Card(s) XFX RS RX 480 GPU @ 1288 MHz - 1.040 mV from 1.175 | GDDR5 @ 2100 MHz
Storage Samsung 850 EVO 250 GB, SanDisk Ultra II 480 GB
Display(s) IP2362 OCed refresh rate - 76Hz (Freesync supported over HDMI with CRU)
Case Phantek Eclipse P400S (PH-EC416PS)
Audio Device(s) Realtek ALC887 (dead)
Power Supply EVGA 850 BQ
Mouse Kingston HyperX Pulsefire FPS
Keyboard Logitech K520
Software Windows 10 Professional 64-bit
We have just received a report from a company called CTS Labs claiming there are potential security vulnerabilities related to certain of our processors. We are actively investigating and analyzing its findings. This company was previously unknown to AMD and we find it unusual for a security firm to publish its research to the press without providing a reasonable amount of time for the company to investigate and address its findings. At AMD, security is a top priority and we are continually working to ensure the safety of our users as potential new risks arise. We will update this blog as news develops.
http://ir.amd.com/news-releases/news-release-details/view-our-corner-street-0
 
Joined
Jan 4, 2017
Messages
297 (0.50/day)
Likes
662
Location
Ohio
System Name Penny the Cruncher/Wilson The Cruncher/The Gaming PC/WILSON2
Processor 2x Xeon x5550@2.66Ghz/ i7 3770@3.5Ghz/ i7 3770K@3.5Ghz/2x Xeon x5675@ 3.06Ghz
Memory 32 GB DDR3/ 16GB DDR3/ 16GB DDR3/20GB DDR3
Video Card(s) Onboard/ Onboard/ NVIDIA GeForce GTX 980/Onboard
Storage 6x 10k SAS 72GB/ 500GB Standard HDD/ 512 GB M.2/3x 10k SAS 72GB
Case Dell PowerEdge r610 Chassis/Dell Vostro Chassis/ NZXT Case/Dell PowerEdge R610 Chassis
Software VMware Cluster on Servers
I kinda agree with AMD's point of view in that news release. If it is truly the case, releasing the CVE's without telling the vendor first seems counterproductive. I wouldn't go as far as to say this is fishy, but like I said earlier, once it ends up on a more official channel, I'll be more inclined to believe it.
 
Joined
Nov 3, 2013
Messages
928 (0.53/day)
Likes
803
Location
Tokyo, Ota
Processor i5 - 7300HQ
Memory 8GB DDR4
Video Card(s) 1060 6GB
Storage 180GB m.2 SATA | 250GB 850Evo SATA
Display(s) FHD 15" Gsync IPS + Acer H243H
Mouse Rival 300
Keyboard Apex m500 (mx red)
I like how @FordGT90Concept put more effort in investigating than the TPU editorial that published the article.

On a different note, stock actually rose. Not by much, and it looks stable at the moment, but nonetheless.


1.png
 
Joined
Mar 18, 2008
Messages
3,332 (0.88/day)
Likes
2,339
System Name Virtual Reality / Bioinformatics
Processor Undead CPU
Motherboard Undead TUF X99
Cooling Noctua NH-D15
Memory GSkill 128GB DDR4-3000
Video Card(s) Sapphire R9 Fury X
Storage Samsung 960 Pro 1TB, Crucial MX200 500GB
Display(s) Acer K272HUL, HTC Vive
Case Fractal Design R5
Power Supply Seasonic 850watt
Mouse Logitech Master MX
Keyboard Corsair K70 Cherry MX Blue
Software Windows 10 Professional/Linux Mint
I like how @FordGT90Concept put more effort in investigating than the TPU editorial that published the article.

On a different note, stock actually rose. Not by much, and it looks stable at the moment, but nonetheless.


View attachment 98284
Agree. This entire thing feels like a huge PR scam from the Isreal based “security” firm.
 
Joined
Feb 17, 2017
Messages
479 (0.88/day)
Likes
136
Location
Italy
Processor i7 2600K
Motherboard Asus P8Z68-V PRO/Gen 3
Cooling ZeroTherm FZ120
Memory G.Skill Ripjaws 4x4GB DDR3 @ 1600MHz
Video Card(s) MSI GTX 1060 6G Gaming X
Storage Samsung 830 Pro 256GB + WD Caviar Blue 1TB
Display(s) Samsung PX2370 + Acer AL1717
Case Antec 1200 v1
Audio Device(s) Sound Blaster X G5
Power Supply Enermax Modu87+ 800W
Mouse Logitech G403
Keyboard Logitech G513
There always be flaws, there are 2 types, deliberate ones and unnoticed ones....
And we always know that when we're talking about AMD, it's ALWAYS the second. Unlike other companies... :mad:
 
Joined
Dec 14, 2009
Messages
6,933 (2.19/day)
Likes
6,370
Location
Glasgow - home of formal profanity
System Name New Ho'Ryzen
Processor Ryzen 1700X @ 3.82Ghz
Motherboard Asus Crosshair VI Hero
Cooling TR Le Grand Macho & custom GPU loop
Memory 16Gb G.Skill 3200 RGB
Video Card(s) GTX1080ti (Heatkiller WB) @ 2Ghz core/1.5(12)Ghz mem
Storage Samsumg 960 Pro m2. 512Gb
Display(s) Dell Ultrasharp 27" (2560x1440)
Case Lian Li PC-V33WX
Audio Device(s) On Board
Power Supply Seasonic Prime TItanium 850
Software W10
Benchmark Scores Look, it's a Ryzen on air........ What's the point?
Agree. This entire thing feels like a huge PR scam from the Isreal based “security” firm.
No, it's all salty tears from us. :rolleyes:

And yes, too many people trying to be 'no, this is a big thing' when really, it's not such a biggie given the practicality of the process involved in the security issue. And really, it's too glossy to be anything other than a negative PR campaign, NOT a bona fide security issue notice (like how Google played it's role last year with along NDA). This is threat PR. Only the naive folk here can't see that.
 
Low quality post by Konceptz
Joined
Sep 23, 2008
Messages
229 (0.06/day)
Likes
50
Location
Richmond,VA
Processor FX8350 @ 4.6ghz
Motherboard MSI 990FX-GD80 v2
Cooling Hyper 212 evo
Memory 16gb G.Skill 1866 8-9-9-24
Video Card(s) Sapphire Radeon 7950
Storage Samsung 512GB 850 Pro SSD ; 3 x 1TB Seagate Drives Standalone
Display(s) Twin Dell E2215H
Case Rosewill Blackhawk Ultra
Power Supply Seasonic 850X Full Modular
Software Windows 10 Pro 64bit
Wonder how much Intel paid for this?:laugh:
 
Joined
Jul 18, 2017
Messages
112 (0.28/day)
Likes
33
The double standard is real. Let's jump the gun and defame the researchers because this is AMD and not Intel. Hell, the AMD defense force has yet to provide actual evidence to discredit each of those findings but somehow someway found a way to link this to Intel. This AMD circlejerk culture, even though it's a vocal minority, has to stop.
 
Joined
Feb 17, 2017
Messages
479 (0.88/day)
Likes
136
Location
Italy
Processor i7 2600K
Motherboard Asus P8Z68-V PRO/Gen 3
Cooling ZeroTherm FZ120
Memory G.Skill Ripjaws 4x4GB DDR3 @ 1600MHz
Video Card(s) MSI GTX 1060 6G Gaming X
Storage Samsung 830 Pro 256GB + WD Caviar Blue 1TB
Display(s) Samsung PX2370 + Acer AL1717
Case Antec 1200 v1
Audio Device(s) Sound Blaster X G5
Power Supply Enermax Modu87+ 800W
Mouse Logitech G403
Keyboard Logitech G513
Joined
Sep 23, 2008
Messages
229 (0.06/day)
Likes
50
Location
Richmond,VA
Processor FX8350 @ 4.6ghz
Motherboard MSI 990FX-GD80 v2
Cooling Hyper 212 evo
Memory 16gb G.Skill 1866 8-9-9-24
Video Card(s) Sapphire Radeon 7950
Storage Samsung 512GB 850 Pro SSD ; 3 x 1TB Seagate Drives Standalone
Display(s) Twin Dell E2215H
Case Rosewill Blackhawk Ultra
Power Supply Seasonic 850X Full Modular
Software Windows 10 Pro 64bit
The double standard is real. Let's jump the gun and defame the researchers because this is AMD and not Intel. Hell, the AMD defense force has yet to provide actual evidence to discredit each of those findings but somehow someway found a way to link this to Intel. This AMD circlejerk culture, even though it's a vocal minority, has to stop.
Any evidence to credit said researchers? Ford pointed out many points that back up the smear campaign theory...that surprisingly is shared by a LOT of people across the web. Don't let my avatar fool you, my alliance is purely to price/performance ratio.
 
Joined
Mar 10, 2010
Messages
5,439 (1.76/day)
Likes
1,878
Location
Manchester uk
System Name Quad GT evo V
Processor FX8350 @ 4.6ghz1.435c NB2.44ghz Ht2.64ghz
Motherboard Gigabyte 990X Gaming
Cooling 360EK extreme 360Tt rad all push/pull, cpu,NB/Vrm blocks all EK
Memory Corsair vengeance 16Gb @1600 cas8
Video Card(s) Rx vega 64 waterblockedEK
Storage samsung 840(250OS), WD 1Tb+2Tb +3Tbgrn, 1tb seagate sshd hybrid(games)
Display(s) Samsung uea28"850R 4k freesync, LG 49" 4K 60hz ,Oculus
Case Custom(modded) thermaltake Kandalf
Audio Device(s) Xfi creative 7.1 on board ,Yamaha dts av setup
Power Supply corsair 1200Hxi
Mouse CM optane
Keyboard CM optane
Software Win 10 Pro
Benchmark Scores 15.69K best overall sandra so far 6600 3dmark
Wow did'nt see this coming :rolleyes::D

the brassy-ballsy-ness and general bling of this new security firm is amazeballs, their in the wrong game regardless ,they should have definately been a PR company, they have skills.
Even the numbers, 13 vulnerabillities found,wow unlucky for someo_O but a few listed , should'nt it read like the ten commandments plus , not like a supervillan squad.

And I'm loving the balanced views personally(genuinely and not sarcastic), yes there is a bit of salt ,why not , opinions can get that way but i thought this thread would be much worse, might taint my purchasing options but well see yet, It's not like there are options after all ,power-pc maybe?? or a new chinese developed chip er no:D
 
Last edited:
Joined
Feb 17, 2017
Messages
479 (0.88/day)
Likes
136
Location
Italy
Processor i7 2600K
Motherboard Asus P8Z68-V PRO/Gen 3
Cooling ZeroTherm FZ120
Memory G.Skill Ripjaws 4x4GB DDR3 @ 1600MHz
Video Card(s) MSI GTX 1060 6G Gaming X
Storage Samsung 830 Pro 256GB + WD Caviar Blue 1TB
Display(s) Samsung PX2370 + Acer AL1717
Case Antec 1200 v1
Audio Device(s) Sound Blaster X G5
Power Supply Enermax Modu87+ 800W
Mouse Logitech G403
Keyboard Logitech G513

FordGT90Concept

"I go fast!1!11!1!"
Joined
Oct 13, 2008
Messages
22,346 (6.21/day)
Likes
11,424
Location
IA, USA
System Name BY-2015
Processor Intel Core i7-6700K (4 x 4.00 GHz) w/ HT and Turbo on
Motherboard MSI Z170A GAMING M7
Cooling Scythe Kotetsu
Memory 2 x Kingston HyperX DDR4-2133 8 GiB
Video Card(s) PowerColor PCS+ 390 8 GiB DVI + HDMI
Storage Crucial MX300 275 GB, Seagate 6 TB 7200 RPM
Display(s) Samsung SyncMaster T240 24" LCD (1920x1200 HDMI) + Samsung SyncMaster 906BW 19" LCD (1440x900 DVI)
Case Coolermaster HAF 932 w/ USB 3.0 5.25" bay
Audio Device(s) Realtek Onboard, Micca OriGen+
Power Supply Enermax Platimax 850w
Mouse SteelSeries Sensei RAW
Keyboard Tesoro Excalibur
Software Windows 10 Pro 64-bit
Benchmark Scores Faster than the tortoise; slower than the hare.
Let's jump the gun and defame the researchers because this is AMD and not Intel.
The "researchers" jumped the gun. AMD hasn't even had time yet to reproduce them for verification purposes.

When Specter and Meltdown went public, it was huge news because despite having six months to work on it, they weren't even close to fixing it. Even if one of these 13 ends up being legit, it most likely could have been quietly fixed without any fanfare. In this case, everything the "researchers" did was about maximizing fanfare. That should concern everyone. I hope this doesn't become the new norm but it could.
 
Last edited:
Joined
Apr 10, 2013
Messages
234 (0.12/day)
Likes
121
Location
Michigan, USA
Processor AMD 1700X
Motherboard Crosshair VI Hero
Memory F4-3200C14D-16GFX
Video Card(s) GTX 1070
Storage 960 Pro
Display(s) PG279Q
Case HAF X
Power Supply Silencer MK III 850
Mouse Logitech G700s
Keyboard Logitech G105
Software Windows 10
AMD provided us with the following statement: "We have just received a report from a company called CTS Labs claiming there are potential security vulnerabilities related to certain of our processors. We are actively investigating and analyzing its findings.
So AMD wasn't able to discredit the claims after 36 hours of research. Probably some verified vulnerabilities then as they only take a short time to verify. Ugly mess how it was released; a serious security company would WANT the mfg to fix the problems not benefit by exposure. AMD will fix.
 
Joined
Mar 18, 2008
Messages
3,332 (0.88/day)
Likes
2,339
System Name Virtual Reality / Bioinformatics
Processor Undead CPU
Motherboard Undead TUF X99
Cooling Noctua NH-D15
Memory GSkill 128GB DDR4-3000
Video Card(s) Sapphire R9 Fury X
Storage Samsung 960 Pro 1TB, Crucial MX200 500GB
Display(s) Acer K272HUL, HTC Vive
Case Fractal Design R5
Power Supply Seasonic 850watt
Mouse Logitech Master MX
Keyboard Corsair K70 Cherry MX Blue
Software Windows 10 Professional/Linux Mint
Power of Reddit. Entire video footage of their “security firm” is all just green screened. Someone over reddit found all the available stock background this firm used for their video.

I am not just calling this BS now, this is market manipulation and scam. Shame on tech sites that took it and run with it WITHOUT doing their own homework. GT90 did way more research than the editors here

A5E4ACFE-84CC-4997-94AE-460A5C7C918F.jpeg
 
Joined
Feb 17, 2017
Messages
479 (0.88/day)
Likes
136
Location
Italy
Processor i7 2600K
Motherboard Asus P8Z68-V PRO/Gen 3
Cooling ZeroTherm FZ120
Memory G.Skill Ripjaws 4x4GB DDR3 @ 1600MHz
Video Card(s) MSI GTX 1060 6G Gaming X
Storage Samsung 830 Pro 256GB + WD Caviar Blue 1TB
Display(s) Samsung PX2370 + Acer AL1717
Case Antec 1200 v1
Audio Device(s) Sound Blaster X G5
Power Supply Enermax Modu87+ 800W
Mouse Logitech G403
Keyboard Logitech G513
Power of Reddit. Entire video footage of their “security firm” is all just green screened. Someone over reddit found all the available stock background this firm used for their video.

I am not just calling this BS now, this is market manipulation and scam. Shame on tech sites that took it and run with it WITHOUT doing their own homework. GT90 did way more research than the editors here
Wow, you're soo keen man
 

FordGT90Concept

"I go fast!1!11!1!"
Joined
Oct 13, 2008
Messages
22,346 (6.21/day)
Likes
11,424
Location
IA, USA
System Name BY-2015
Processor Intel Core i7-6700K (4 x 4.00 GHz) w/ HT and Turbo on
Motherboard MSI Z170A GAMING M7
Cooling Scythe Kotetsu
Memory 2 x Kingston HyperX DDR4-2133 8 GiB
Video Card(s) PowerColor PCS+ 390 8 GiB DVI + HDMI
Storage Crucial MX300 275 GB, Seagate 6 TB 7200 RPM
Display(s) Samsung SyncMaster T240 24" LCD (1920x1200 HDMI) + Samsung SyncMaster 906BW 19" LCD (1440x900 DVI)
Case Coolermaster HAF 932 w/ USB 3.0 5.25" bay
Audio Device(s) Realtek Onboard, Micca OriGen+
Power Supply Enermax Platimax 850w
Mouse SteelSeries Sensei RAW
Keyboard Tesoro Excalibur
Software Windows 10 Pro 64-bit
Benchmark Scores Faster than the tortoise; slower than the hare.
So AMD wasn't able to discredit the claims after 36 hours of research. Probably some verified vulnerabilities then as they only take a short time to verify. Ugly mess how it was released; a serious security company would WANT the mfg to fix the problems not benefit by exposure. AMD will fix.
Not really. If all they provided is a white paper, AMD has to author its own tools then they have to run said tools against a variety of hardware. If the tools indicate some truth to the claims, they have to dig deeper and find out why. The why indicates whether or not it is something that needs to be fixed or not, and how. This process will likely take a month.
 
Joined
Dec 31, 2009
Messages
12,355 (3.92/day)
Likes
6,904
Location
Ohio
System Name Daily Driver
Processor 7960X 4.5GHz 16c/16t 1.17V
Motherboard MSI XPower Gaming Titanium
Cooling MCR320 + Kuplos Kryos NEXT CPU block
Memory GSkill Trident Z 4x8 GB DDR4 3600 MHz CL16
Video Card(s) EVGA GTX 1080 FTW3
Storage 512GB Patriot Hellfire, 512GB OCZ RD400, 640GB Caviar Black, 2TB Caviar Green
Display(s) 27" Acer Predator 2560x1440 144hz IPS + Yamakasi 27" 2560x1440 IPS
Case Thermaltake P5
Power Supply EVGA 750W Supernova G2
Benchmark Scores Faster than most of you! Bet on it! :)
They provided instructions on how to recreate the issues 'found'. ;)
 
Joined
Jul 29, 2015
Messages
18 (0.02/day)
Likes
10
Processor I7 4770k
Cooling Corsair H100i
Memory 16 gigs
Video Card(s) MSI 390x 8gb
Storage 1tb SSD, 2 512gb in raid 0
Display(s) ASUS MG279Q Black 27" IPS 144Hz
Power Supply 1000w
Mouse Death Adder
Keyboard Microsoft Gaming keyboard thingy
Power of Reddit. Entire video footage of their “security firm” is all just green screened. Someone over reddit found all the available stock background this firm used for their video.

I am not just calling this BS now, this is market manipulation and scam. Shame on tech sites that took it and run with it WITHOUT doing their own homework. GT90 did way more research than the editors here

View attachment 98286
I'm upgrading to Zen+ after seeing this. Good bye i7, wonder if Intel is behind this or some former crypto miners looking for a quick buck manipulating AMD stocks.
 
Joined
Feb 17, 2017
Messages
479 (0.88/day)
Likes
136
Location
Italy
Processor i7 2600K
Motherboard Asus P8Z68-V PRO/Gen 3
Cooling ZeroTherm FZ120
Memory G.Skill Ripjaws 4x4GB DDR3 @ 1600MHz
Video Card(s) MSI GTX 1060 6G Gaming X
Storage Samsung 830 Pro 256GB + WD Caviar Blue 1TB
Display(s) Samsung PX2370 + Acer AL1717
Case Antec 1200 v1
Audio Device(s) Sound Blaster X G5
Power Supply Enermax Modu87+ 800W
Mouse Logitech G403
Keyboard Logitech G513
I'm upgrading to Zen+ after seeing this. Good bye i7, wonder if Intel is behind this or some former crypto miners looking for a quick buck manipulating AMD stocks.
Intel, and also nvidia, are most definitely behind this man, get rid of your i7, just do it...
 
Joined
Dec 31, 2009
Messages
12,355 (3.92/day)
Likes
6,904
Location
Ohio
System Name Daily Driver
Processor 7960X 4.5GHz 16c/16t 1.17V
Motherboard MSI XPower Gaming Titanium
Cooling MCR320 + Kuplos Kryos NEXT CPU block
Memory GSkill Trident Z 4x8 GB DDR4 3600 MHz CL16
Video Card(s) EVGA GTX 1080 FTW3
Storage 512GB Patriot Hellfire, 512GB OCZ RD400, 640GB Caviar Black, 2TB Caviar Green
Display(s) 27" Acer Predator 2560x1440 144hz IPS + Yamakasi 27" 2560x1440 IPS
Case Thermaltake P5
Power Supply EVGA 750W Supernova G2
Benchmark Scores Faster than most of you! Bet on it! :)
I think you are forgetting about the government too... they are watching, and listening, you know................... :roll: :lovetpu:
 
Joined
Apr 10, 2013
Messages
234 (0.12/day)
Likes
121
Location
Michigan, USA
Processor AMD 1700X
Motherboard Crosshair VI Hero
Memory F4-3200C14D-16GFX
Video Card(s) GTX 1070
Storage 960 Pro
Display(s) PG279Q
Case HAF X
Power Supply Silencer MK III 850
Mouse Logitech G700s
Keyboard Logitech G105
Software Windows 10
They provided instructions on how to recreate the issues 'found'. ;)
Yes. And google images and stutterstock added those green screen backgrounds 6 hours ago. Even the discredits are discredited... what a world!

This just got a mention on CNBC so watch that stock now that someone knows.
 
Joined
Oct 28, 2012
Messages
291 (0.14/day)
Likes
134
Processor AMD Ryzen 1700x
Motherboard asus ROG Strix B-350I Gaming
Cooling cooler master masterliquid 240
Memory Gskill Aegis 2x 8GB DDR4
Video Card(s) GTX 1060 (3Gb)
Storage Samsung 960 evo 256 Gb Seagate 2To sandisk ultra plus 256GB; Toshiba 2TB
Display(s) LG 25UM58
Case Ncase M1
Audio Device(s) sennheiser HD58X
Power Supply Corsair SF 600w
Mouse Corsair scimitar pro
Keyboard Corsair k55 RGB
Software win 10 pro
(I know that motherboard isn't exactly a reference, but I'm curious to see how thing are going to evolve from there, dan guido and trail of bits are apparently not on the shady side.)
https://motherboard.vice.com/en_us/...ssor-ryzen-epyc-vulnerabilities-and-backdoors
" All 13 vulnerabilities are exploitable, according to Dan Guido, the founder of security firm Trail of Bits, whose researchers reviewed the flaws and exploit code before publication last week.
“Each of them works as described,” Guido told me in a phone call.

It’s important to note that all these vulnerabilities require hackers to get on the computers and gain administrative privileges some other way first, such as with a phishing attack that tricks the victim into running a malicious application, according to the CTS researchers and Guido.

This means that they are “second stage” vulnerabilities, which would allow attackers to move from computer to computer inside the same network, or install malware directly inside the processor that can’t get detected by security software. This would allow an attacker to spy on the target without detection."
So apparently those guys send a detailed document to trails of bits, a week before but choosed to alert AMD just 24h before. (How nice of them).
According to this guy the flaws are real:

 
Last edited:
Top