In an article entitled “One problem to rule them all“(Something like” a problem to rule them all “), the researchers claim that all AMD EPYC server processors and all architectural generations are vulnerable. But, before you alarm (in case you have one of these processors), be aware that this only affects the virtualization security system and, in addition, it is necessary to have physical access to the machine.
What is this security flaw in AMD EPYC processors?
The entire family of AMD EPYC processors, regardless of generation, use what they call AMD Secure Encrypted Virtualization, which uses the secure PSP processor contained in these chips to encrypt communications. The researchers cite that according to AMD, the secure processor protects virtual machines from external attacks, such as hosting software issues and malicious administrators.
The error is called “voltage fault injection attack” and is based on the possibility of changing the input voltage of the ROM (read only memory) in the bootloader of this secure processor. This allows a malicious attacker to take over the entire root of processor confidence, giving you access to almost the entire system.
At the start of the year, AMD already announced that it was aware of two security vulnerabilities linked to secure encrypted virtualization, and both had to do with code injection attacks, but now it looks like there are three issues they face. Recall that a large majority of AMD EPYC processors are sold for virtualization environments, which means that we could be faced with thousands and thousands of affected servers.
It appears that in this newly discovered vulnerability, hardware attacks can bypass the security capabilities of this secure processor, despite the fact that Milan processor (EPYC 7003) they are constantly receiving security updates against these types of issues. Of course, as we mentioned at the beginning, it is necessary to have physical access to the hardware in order to be able to take control of it, so the security failure should not have consequences in the first place.
Are AMD processors dangerous?
From what one might call the “great controversy over information security” of what we have been doing for a decade, the question of Merger Yes Spectrum that occurred in 2018, the issue of the security of AMD and Intel processors has always been questioned. Not long ago, we told you that right now Intel is racking up 486 vulnerabilities to fix for just 21 (well, now 22) of AMDs, so it certainly looks like AMD process ors could be more secure than those of Intel, or what researchers are placing more emphasis on questioning the security of the processors of the blue.
In any case, one could say that we are in a kind of paradox in which all processors are potentially dangerous (since new vulnerabilities are constantly being discovered) but they are also very secure, since both companies put a lot of effort into so be it. . In fact, as soon as a serious new vulnerability is discovered, they usually focus on it until fix it quickly. Why then do they accumulate so many unsolved? Because they are not serious, they do not affect confidential data, and therefore they are not a priority, no more and no less.
So, and answering the question: no, AMD’s processors (nor those from Intel) they are not dangerous, and in fact, we can be sure that the security systems they are built into really work. Ultimately, in most cases where a vulnerability affects a processor, physical access to the machine is required, and it would be difficult for someone with the knowledge and hardware to gain access to our PC to steal our. data, don’t you?
