Skip to Content
MIT Technology Review
  • Featured
  • Topics
  • Newsletters
  • Events
  • Podcasts
    • Sign in
    Computing

    Researchers say they’ve found serious security flaws in some AMD chips

    March 13, 2018

    The news: CTS-Labs, an Israeli cybersecurity firm, says it has found multiple flaws in AMD’s Ryzen and Epyc processors that could let hackers who’ve already compromised computers access secure portions of the processors to install malware or steal sensitive data like encryption keys. The 13 different vulnerabilities affect processors found in desktops, laptops, and servers.

    The flaws: The researchers have published a list of the different flaws but have withheld some technical details that would let them be easily exploited. In a clear play for publicity, they gave AMD just 24 hours’ notice of their findings, compared with the typical 90-day notice period that most security researchers provide. AMD says it’s studying the findings and is committed to protecting its customers.

    Spectre redux: Earlier this year, serious security flaws dubbed Spectre and Meltdown were found in Intel and ARM processors, as well as a smaller number of AMD processors. Fixes for these have slowed computers down. AMD is now facing another big security headache, with no immediate cure available.

    Deep Dive

    Computing

    A chip design that changes everything: 10 Breakthrough Technologies 2023

    Computer chip designs are expensive and hard to license. That’s all about to change thanks to the popular open standard known as RISC-V.

    Modern data architectures fuel innovation

    More diverse data estates require a new strategy—and the infrastructure to support it.

    Chinese chips will keep powering your everyday life

    The war over advanced semiconductor technology continues, but China will likely take a more important role in manufacturing legacy chips for common devices.

    The computer scientist who hunts for costly bugs in crypto code

    Programming errors on the blockchain can mean $100 million lost in the blink of an eye. Ronghui Gu and his company CertiK are trying to help.

    Stay connected

    Illustration by Rose Wong

    Get the latest updates from
    MIT Technology Review

    Discover special offers, top stories, upcoming events, and more.

    Thank you for submitting your email!

    Explore more newsletters

    It looks like something went wrong.

    We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at customer-service@technologyreview.com with a list of newsletters you’d like to receive.