{"id":2460,"date":"2018-03-15T15:44:50","date_gmt":"2018-03-15T19:44:50","guid":{"rendered":"https:\/\/solutionsreview.com\/identity-management\/?p=2460"},"modified":"2018-03-15T15:44:50","modified_gmt":"2018-03-15T19:44:50","slug":"amd-processor-flaws-discovered-company-not-given-ample-warning","status":"publish","type":"post","link":"https:\/\/solutionsreview.com\/identity-management\/amd-processor-flaws-discovered-company-not-given-ample-warning\/","title":{"rendered":"AMD Processor Flaws Discovered, Company Not Given Ample Warning?"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-2461\" src=\"https:\/\/solutionsreview.com\/identity-management\/files\/2018\/03\/microprocessor-mod.jpg\" alt=\"AMD processor controversy \" width=\"800\" height=\"400\" srcset=\"https:\/\/solutionsreview.com\/identity-management\/files\/2018\/03\/microprocessor-mod.jpg 800w, https:\/\/solutionsreview.com\/identity-management\/files\/2018\/03\/microprocessor-mod-300x150.jpg 300w, https:\/\/solutionsreview.com\/identity-management\/files\/2018\/03\/microprocessor-mod-768x384.jpg 768w, https:\/\/solutionsreview.com\/identity-management\/files\/2018\/03\/microprocessor-mod-540x270.jpg 540w, https:\/\/solutionsreview.com\/identity-management\/files\/2018\/03\/microprocessor-mod-162x81.jpg 162w, https:\/\/solutionsreview.com\/identity-management\/files\/2018\/03\/microprocessor-mod-360x180.jpg 360w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Security firm CTS Labs of Israel claims to have discovered 13 critical vulnerabilities in AMD processors, including its latests model Ryzen chips.<\/span><\/p>\n<div class=\"widget\"><div class=\"aside-card\">\t\t\t<div class=\"textwidget\"><p><a class=\"iam-inject\" href=\"https:\/\/suggestionengine.solutionsreview.com\/buyer\/signup\" target=\"_blank\" rel=\"noopener\"><img loading=\"lazy\" decoding=\"async\" class=\"alignleft size-full wp-image-1682\" title=\"\" src=\"https:\/\/solutionsreview.com\/identity-management\/files\/2021\/02\/Identity_Suggestion_Engine_Horiz_800.gif\" alt=\"IAM Solution Suggestion Engine\" width=\"800\" height=\"100\" \/><\/a><\/p>\n<\/div>\n\t\t<\/div><\/div>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">This is in itself is not totally shocking given the <\/span><a href=\"https:\/\/solutionsreview.com\/security-information-event-management\/dr-eric-cole-discusses-meltdown-spectre\/\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400\">Spectre and Meltdown flaws<\/span><\/a><span style=\"font-weight: 400\">. What may be more shocking is how CTS Labs handled their discovery. They released a whitepaper detailing the alleged AMD processor vulnerabilities only 24 hours after informing the manufacturer. Traditionally, researchers give manufacturers and designers 90 days to investigate the vulnerabilities themselves and develop patches when a security hole is discovered in their product. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Naturally, the sudden exposure of the AMD flaws led to significant controversy in the cybersecurity community. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">AMD released <\/span><a href=\"https:\/\/ir.amd.com\/news-releases\/news-release-details\/view-our-corner-street-0\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400\">a statement<\/span><\/a><span style=\"font-weight: 400\"> on the subject: \u201cWe are actively investigating and analyzing its findings. This company was previously unknown to AMD and we find it unusual for a security firm to publish its research to the press without providing a reasonable amount of time for the company to investigate and address its findings. At AMD, security is a top priority and we are continually working to ensure the safety of our users as potential new risks arise.\u201d<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Ilia Luk-Ziberman\u2014CTO of CTS Labs\u2014released <\/span><a href=\"https:\/\/safefirmware.com\/CTO+Letter.pdf\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400\">a statement<\/span><\/a><span style=\"font-weight: 400\"> in response to the criticism, explaining his actions in the context of the ease at which the faults were found and their severity: \u201cIt took time to set-up the working environment to start communication with the AMD Secure processor, but after reaching a full working setup and understanding of the architecture \u2013 we started finding vulnerabilities. One, and another and another. And not complex, crazy logical bugs, but basic mistakes \u2013 like screwing up the digital signatures mechanism.\u201d <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">\u201cThe main problem in my eyes,\u201d he continues, \u201cwith this model is that during these 30\/45\/90 days, it\u2019s up to the vendor if it wants to alert the customers that there is a problem. And as far as I\u2019ve seen, it is extremely rare that the vendor will come out ahead of time notifying the customers&#8230;The second problem is &#8211; if the vendor doesn\u2019t fix it in time \u2013 what then?\u201d<\/span><\/p>\n<br \/>Widget not in any sidebars<br \/>\n","protected":false},"excerpt":{"rendered":"<p>Security firm CTS Labs of Israel claims to have discovered 13 critical vulnerabilities in AMD processors, including its latests model Ryzen chips. This is in itself is not totally shocking given the Spectre and Meltdown flaws. What may be more shocking is how CTS Labs handled their discovery. They released a whitepaper detailing the alleged [&hellip;]<\/p>\n","protected":false},"author":41,"featured_media":2461,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[6],"tags":[142,679,680,678,16,112,30],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>AMD Processor Flaws Discovered, Company Not Given Ample Warning?<\/title>\n<meta name=\"description\" content=\"Security firm CTS Labs of Israel claims to have discovered 13 critical vulnerabilities in AMD processors, including its latests model Ryzen chips.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/solutionsreview.com\/identity-management\/amd-processor-flaws-discovered-company-not-given-ample-warning\/\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Ben Canner\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/amd-processor-flaws-discovered-company-not-given-ample-warning\/\",\"url\":\"https:\/\/solutionsreview.com\/identity-management\/amd-processor-flaws-discovered-company-not-given-ample-warning\/\",\"name\":\"AMD Processor Flaws Discovered, Company Not Given Ample Warning?\",\"isPartOf\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/amd-processor-flaws-discovered-company-not-given-ample-warning\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/amd-processor-flaws-discovered-company-not-given-ample-warning\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/solutionsreview.com\/identity-management\/files\/2018\/03\/microprocessor-mod.jpg\",\"datePublished\":\"2018-03-15T19:44:50+00:00\",\"dateModified\":\"2018-03-15T19:44:50+00:00\",\"author\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541\"},\"description\":\"Security firm CTS Labs of Israel claims to have discovered 13 critical vulnerabilities in AMD processors, including its latests model Ryzen chips.\",\"breadcrumb\":{\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/amd-processor-flaws-discovered-company-not-given-ample-warning\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/solutionsreview.com\/identity-management\/amd-processor-flaws-discovered-company-not-given-ample-warning\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/amd-processor-flaws-discovered-company-not-given-ample-warning\/#primaryimage\",\"url\":\"https:\/\/solutionsreview.com\/identity-management\/files\/2018\/03\/microprocessor-mod.jpg\",\"contentUrl\":\"https:\/\/solutionsreview.com\/identity-management\/files\/2018\/03\/microprocessor-mod.jpg\",\"width\":800,\"height\":400,\"caption\":\"AMD processor controversy\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/amd-processor-flaws-discovered-company-not-given-ample-warning\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/solutionsreview.com\/identity-management\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"AMD Processor Flaws Discovered, Company Not Given Ample Warning?\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#website\",\"url\":\"https:\/\/solutionsreview.com\/identity-management\/\",\"name\":\"Best Identity Access Management (IAM) Software, Tools, Vendors, Solutions, &amp; Services\",\"description\":\"Identity Access Management (IAM) News, Best Practices and Buyer&#039;s Guide\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/solutionsreview.com\/identity-management\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541\",\"name\":\"Ben Canner\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g\",\"caption\":\"Ben Canner\"},\"description\":\"Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.\",\"url\":\"https:\/\/solutionsreview.com\/identity-management\/author\/bcanner\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"AMD Processor Flaws Discovered, Company Not Given Ample Warning?","description":"Security firm CTS Labs of Israel claims to have discovered 13 critical vulnerabilities in AMD processors, including its latests model Ryzen chips.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/solutionsreview.com\/identity-management\/amd-processor-flaws-discovered-company-not-given-ample-warning\/","twitter_misc":{"Written by":"Ben Canner","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/solutionsreview.com\/identity-management\/amd-processor-flaws-discovered-company-not-given-ample-warning\/","url":"https:\/\/solutionsreview.com\/identity-management\/amd-processor-flaws-discovered-company-not-given-ample-warning\/","name":"AMD Processor Flaws Discovered, Company Not Given Ample Warning?","isPartOf":{"@id":"https:\/\/solutionsreview.com\/identity-management\/#website"},"primaryImageOfPage":{"@id":"https:\/\/solutionsreview.com\/identity-management\/amd-processor-flaws-discovered-company-not-given-ample-warning\/#primaryimage"},"image":{"@id":"https:\/\/solutionsreview.com\/identity-management\/amd-processor-flaws-discovered-company-not-given-ample-warning\/#primaryimage"},"thumbnailUrl":"https:\/\/solutionsreview.com\/identity-management\/files\/2018\/03\/microprocessor-mod.jpg","datePublished":"2018-03-15T19:44:50+00:00","dateModified":"2018-03-15T19:44:50+00:00","author":{"@id":"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541"},"description":"Security firm CTS Labs of Israel claims to have discovered 13 critical vulnerabilities in AMD processors, including its latests model Ryzen chips.","breadcrumb":{"@id":"https:\/\/solutionsreview.com\/identity-management\/amd-processor-flaws-discovered-company-not-given-ample-warning\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/solutionsreview.com\/identity-management\/amd-processor-flaws-discovered-company-not-given-ample-warning\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/identity-management\/amd-processor-flaws-discovered-company-not-given-ample-warning\/#primaryimage","url":"https:\/\/solutionsreview.com\/identity-management\/files\/2018\/03\/microprocessor-mod.jpg","contentUrl":"https:\/\/solutionsreview.com\/identity-management\/files\/2018\/03\/microprocessor-mod.jpg","width":800,"height":400,"caption":"AMD processor controversy"},{"@type":"BreadcrumbList","@id":"https:\/\/solutionsreview.com\/identity-management\/amd-processor-flaws-discovered-company-not-given-ample-warning\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/solutionsreview.com\/identity-management\/"},{"@type":"ListItem","position":2,"name":"AMD Processor Flaws Discovered, Company Not Given Ample Warning?"}]},{"@type":"WebSite","@id":"https:\/\/solutionsreview.com\/identity-management\/#website","url":"https:\/\/solutionsreview.com\/identity-management\/","name":"Best Identity Access Management (IAM) Software, Tools, Vendors, Solutions, &amp; Services","description":"Identity Access Management (IAM) News, Best Practices and Buyer&#039;s Guide","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/solutionsreview.com\/identity-management\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541","name":"Ben Canner","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/identity-management\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g","caption":"Ben Canner"},"description":"Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.","url":"https:\/\/solutionsreview.com\/identity-management\/author\/bcanner\/"}]}},"_links":{"self":[{"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/posts\/2460"}],"collection":[{"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/users\/41"}],"replies":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/comments?post=2460"}],"version-history":[{"count":0,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/posts\/2460\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/media\/2461"}],"wp:attachment":[{"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/media?parent=2460"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/categories?post=2460"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/solutionsreview.com\/identity-management\/wp-json\/wp\/v2\/tags?post=2460"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}