AMD Backdoor Bug on Chip

AMD Chip Vulnerabilities announced yesterday allegedly have backdoors on many Ryzen, Epyc, Ryzen Pro and Ryzen Mobile lines of processors that all use an important core system component that AMD sources from Taiwanese chip manufacturer ASMedia.  ASMedia is owned by Asus.  Wikipedia reports, ‘”Asus” or Huáshuò in Chinese (traditional Chinese: 華碩; simplified Chinese: 华硕, literally “Eminence of/by the Chinese [people]”)’

The original research documenting the vulnerabilities can be found at https://safefirmware.com/amdflaws_whitepaper.pdf

The research appears to be compelling so far based on my review.  Unfortunately, CTS only gave AMD 24 hours notice before kicking out a press release which increases the likelihood of bad actors attacking those using the chipsets identified.

Unfortunately, there hasn’t been enough time for AMD to mitigate the threats or even acknowledge they are legitimate.  No patches are available at this time to mitigate the threat.

The computer manufacturers listed on AMD’s website that may contain the vulnerable Chips include:

· Acer

· Asus

· Cyberpower PC

· Cybertron

· Cytron US

· Dell

· Ematic

· Foxconn

· HP

· Lenovo

· Toshiba

· Zotac

· iBuyPower

Check to See if Your Computer Has AMD Chipset

If you want to know if you have one of the processors listed in their white paper, you can run powershell from DOS as shown below and the following commands will tell you your processor model.

1. Open DOS (Windows Key -> type cmd

2. Type powershell

3. Get-WmiObject Win32_Processor

4. Cross reference the output to the whitepaper above.

If you have a vulnerable machine, I recommend migrating your data off the machine and then turning it off until a firmware patch for your processor becomes available.