Skip to Content
MIT Technology Review
  • Featured
  • Topics
  • Newsletters
  • Events
  • Podcasts
    • Sign in
    Computing

    Researchers say they’ve found serious security flaws in some AMD chips

    March 13, 2018

    The news: CTS-Labs, an Israeli cybersecurity firm, says it has found multiple flaws in AMD’s Ryzen and Epyc processors that could let hackers who’ve already compromised computers access secure portions of the processors to install malware or steal sensitive data like encryption keys. The 13 different vulnerabilities affect processors found in desktops, laptops, and servers.

    The flaws: The researchers have published a list of the different flaws but have withheld some technical details that would let them be easily exploited. In a clear play for publicity, they gave AMD just 24 hours’ notice of their findings, compared with the typical 90-day notice period that most security researchers provide. AMD says it’s studying the findings and is committed to protecting its customers.

    Spectre redux: Earlier this year, serious security flaws dubbed Spectre and Meltdown were found in Intel and ARM processors, as well as a smaller number of AMD processors. Fixes for these have slowed computers down. AMD is now facing another big security headache, with no immediate cure available.

    Deep Dive

    Computing

    Erik Prince wants to sell you a “secure” smartphone that’s too good to be true

    MIT Technology Review obtained Prince’s investor presentation for the “RedPill Phone,” which promises more than it could possibly deliver.

    Corruption is sending shock waves through China’s chipmaking industry

    The arrests of several top semiconductor fund executives could force the government to rethink how it invests in the sector.

    Inside the software that will become the next battle front in US-China chip war

    The US has moved to restrict export of EDA software. What is it, and how will the move affect China?

    Hackers linked to China have been targeting human rights groups for years

    In a new report shared exclusively with MIT Technology Review, researchers expose a cyber-espionage campaign on “a tight budget” that proves simple can still be effective.

    Stay connected

    Illustration by Rose Wong

    Get the latest updates from
    MIT Technology Review

    Discover special offers, top stories, upcoming events, and more.

    Thank you for submitting your email!

    Explore more newsletters

    It looks like something went wrong.

    We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at customer-service@technologyreview.com with a list of newsletters you’d like to receive.