Jump to content
Search In
  • More options...
Find results that contain...
Find results in...
Coaxialgamer

[Update] Security flaws discovered in AMD zen processors : AMD's meltdown?

wkdpaul

Please keep the conversation civil and respectful, as per the Community Standards;

Quote
  • Ensure a friendly atmosphere to our visitors and forum members.
  • Encourage the freedom of expression and exchange of information in a mature and responsible manner.
  • "Don't be a dick" - Wil Wheaton.
  • "Be excellent to each other" - Bill and Ted.
  • Remember your audience; both present and future.

 

Message added by wkdpaul

Recommended Posts

Just now, Notional said:

Great job from AMD putting out a bios update to completely remove all of these "bugs", that require a fully compromised system with full administrator rights. CTS is a joke seemingly involved in a blatant stock manipulation conspiracy. What an absolutely retarded ordeal.

I do wonder who their "Customer" was who asked for this paper :S I bet that customer paid quite a lot for a piece like that.

Link to post
Share on other sites
1 minute ago, SC2Mitch said:

I do wonder who their "Customer" was who asked for this paper :S I bet that customer paid quite a lot for a piece like that.

They paid too much, however it was.

Link to post
Share on other sites
1 minute ago, Taf the Ghost said:

They paid too much, however it was.

If it was a 'customer' who requested this for shorting stock, then that depends on how much they were betting on the short of stock and how much they made off of that short.  Of course, I think I read an article on this somewhere that AMD has requested the SEC to look into unusual activities related to stock trading shortly before the security issues went public.

Link to post
Share on other sites
On 3/18/2018 at 12:09 PM, Space Reptile said:

why are people still replying in this thread? 

 

oh i see , LAwLz is replying to every post trying to tell everyone its real ..... 

yay

Oh boy, I bet you're embarrassed now that AMD has verified that the security holes are real.

;)

 

12 minutes ago, Notional said:

Great job from AMD putting out a bios update to completely remove all of these "bugs", that require a fully compromised system with full administrator rights. CTS is a joke seemingly involved in a blatant stock manipulation conspiracy. What an absolutely retarded ordeal.

Admin privilege is not the same as "fully compromised" because admin is not the highest privilege you can get.

Also, these are vulnerabilities. No need to put "bugs" in quotes.

I agree that it's good that AMD are planning on releasing updates for it though, and they were quick with the status update.

Link to post
Share on other sites
1 minute ago, LAwLz said:

Oh boy, I bet you're embarrassed now that AMD has verified that the security holes are real.

;)

dont just claim something , post proof 


RyzenAir : AMD R5 1600 | AsRock AB350M Pro4 | 24gb KVR DDR4 2666 | GTX 1060 | Fractal Design Node 804
RyzenITX : Ryzen 3 2200G | GA-AB350N-Gaming WIFI | 12gb DDR4 2993 | Vega 8 | MS-Tech CI-58 | Pico PSU 150

 

PSU Tier list

 

Link to post
Share on other sites
2 minutes ago, LAwLz said:

Admin privilege is not the same as "fully compromised" because admin is not the highest privilege you can get.

Also, these are vulnerabilities. No need to put "bugs" in quotes.

I agree that it's good that AMD are planning on releasing updates for it though, and they were quick with the status update.

2

Injecting a malware ridden signed driver will compromise any piece of hardware ever. It's like saying there is a security hole in your home because the thief had a full set of keys to your front door and your security code for the alarm. Not really a security bug as such. I'm all for better security mind you, and I, of course, want any issue dealt with, but this issue is pretty much just theoretical in the real world.


Watching Intel have competition is like watching a headless chicken trying to get out of a mine field

CPU: Intel I7 4790K@4.6 with NZXT X31 AIO; MOTHERBOARD: ASUS Z97 Maximus VII Ranger; RAM: 8 GB Kingston HyperX 1600 DDR3; GFX: ASUS R9 290 4GB; CASE: Lian Li v700wx; STORAGE: Corsair Force 3 120GB SSD; Samsung 850 500GB SSD; Various old Seagates; PSU: Corsair RM650; MONITOR: 2x 20" Dell IPS; KEYBOARD/MOUSE: Logitech K810/ MX Master; OS: Windows 10 Pro

Link to post
Share on other sites

Why are you all focused on "home users" when there's another a whole other sector this affects on a larger scale? 


Cor Caeruleus Reborn v6

Spoiler

CPU: Intel - Core i7-8700K

CPU Cooler: be quiet! - PURE ROCK 
Thermal Compound: Arctic Silver - 5 High-Density Polysynthetic Silver 3.5g Thermal Paste 
Motherboard: ASRock Z370 Extreme4
Memory: G.Skill TridentZ RGB 2x8GB 3200/14
Storage: Samsung - 850 EVO-Series 500GB 2.5" Solid State Drive 
Storage: Samsung - 960 EVO 500GB M.2-2280 Solid State Drive
Storage: Western Digital - Blue 2TB 3.5" 5400RPM Internal Hard Drive
Storage: Western Digital - BLACK SERIES 3TB 3.5" 7200RPM Internal Hard Drive
Video Card: EVGA - 970 SSC ACX (1080 is in RMA)
Case: Fractal Design - Define R5 w/Window (Black) ATX Mid Tower Case
Power Supply: EVGA - SuperNOVA P2 750W with CableMod blue/black Pro Series
Optical Drive: LG - WH16NS40 Blu-Ray/DVD/CD Writer 
Operating System: Microsoft - Windows 10 Pro OEM 64-bit and Linux Mint Serena
Keyboard: Logitech - G910 Orion Spectrum RGB Wired Gaming Keyboard
Mouse: Logitech - G502 Wired Optical Mouse
Headphones: Logitech - G430 7.1 Channel  Headset
Speakers: Logitech - Z506 155W 5.1ch Speakers

 

Link to post
Share on other sites

Cor Caeruleus Reborn v6

Spoiler

CPU: Intel - Core i7-8700K

CPU Cooler: be quiet! - PURE ROCK 
Thermal Compound: Arctic Silver - 5 High-Density Polysynthetic Silver 3.5g Thermal Paste 
Motherboard: ASRock Z370 Extreme4
Memory: G.Skill TridentZ RGB 2x8GB 3200/14
Storage: Samsung - 850 EVO-Series 500GB 2.5" Solid State Drive 
Storage: Samsung - 960 EVO 500GB M.2-2280 Solid State Drive
Storage: Western Digital - Blue 2TB 3.5" 5400RPM Internal Hard Drive
Storage: Western Digital - BLACK SERIES 3TB 3.5" 7200RPM Internal Hard Drive
Video Card: EVGA - 970 SSC ACX (1080 is in RMA)
Case: Fractal Design - Define R5 w/Window (Black) ATX Mid Tower Case
Power Supply: EVGA - SuperNOVA P2 750W with CableMod blue/black Pro Series
Optical Drive: LG - WH16NS40 Blu-Ray/DVD/CD Writer 
Operating System: Microsoft - Windows 10 Pro OEM 64-bit and Linux Mint Serena
Keyboard: Logitech - G910 Orion Spectrum RGB Wired Gaming Keyboard
Mouse: Logitech - G502 Wired Optical Mouse
Headphones: Logitech - G430 7.1 Channel  Headset
Speakers: Logitech - Z506 155W 5.1ch Speakers

 

Link to post
Share on other sites
13 minutes ago, Notional said:

Injecting a malware ridden signed driver will compromise any piece of hardware ever. It's like saying there is a security hole in your home because the thief had a full set of keys to your front door and your security code for the alarm. Not really a security bug as such. I'm all for better security mind you, and I, of course, want any issue dealt with, but this issue is pretty much just theoretical in the real world.

"Vulnerability" might be better.

 

Also, we're still skipping over CTS claiming ASMedia built back doors into their USB controller.

Link to post
Share on other sites
1 minute ago, ARikozuM said:
Quote

As described in more detail below, AMD has rapidly completed its assessment and is in the process of developing and staging the deployment of mitigations. It’s important to note that all the issues raised in the research require administrative access to the system, a type of access that effectively grants the user unrestricted access to the system and the right to delete, create or modify any of the folders or files on the computer, as well as change any settings. Any attacker gaining unauthorized administrative access would have a wide range of attacks at their disposal well beyond the exploits identified in this research. Further, all modern operating systems and enterprise-quality hypervisors today have many effective security controls, such as Microsoft Windows Credential Guard in the Windows environment, in place to prevent unauthorized administrative access that would need to be overcome in order to affect these security issues. A useful clarification of the difficulties associated with successfully exploiting these issues can be found in this posting from Trail of Bits, an independent security research firm who were contracted by the third-party researchers to verify their findings.


ah so as previously said , its a NO SHIT SHERLOCK vulnerability , "at that point you might aswell take the computer and leave" -Steve , GN 


RyzenAir : AMD R5 1600 | AsRock AB350M Pro4 | 24gb KVR DDR4 2666 | GTX 1060 | Fractal Design Node 804
RyzenITX : Ryzen 3 2200G | GA-AB350N-Gaming WIFI | 12gb DDR4 2993 | Vega 8 | MS-Tech CI-58 | Pico PSU 150

 

PSU Tier list

 

Link to post
Share on other sites
1 minute ago, Space Reptile said:

ah so as previously said , its a NO SHIT SHERLOCK vulnerability , "at that point you might aswell take the computer and leave" -Steve , GN 

Why take an IBM computer's current data (example) when you can harvest all future data? 


Cor Caeruleus Reborn v6

Spoiler

CPU: Intel - Core i7-8700K

CPU Cooler: be quiet! - PURE ROCK 
Thermal Compound: Arctic Silver - 5 High-Density Polysynthetic Silver 3.5g Thermal Paste 
Motherboard: ASRock Z370 Extreme4
Memory: G.Skill TridentZ RGB 2x8GB 3200/14
Storage: Samsung - 850 EVO-Series 500GB 2.5" Solid State Drive 
Storage: Samsung - 960 EVO 500GB M.2-2280 Solid State Drive
Storage: Western Digital - Blue 2TB 3.5" 5400RPM Internal Hard Drive
Storage: Western Digital - BLACK SERIES 3TB 3.5" 7200RPM Internal Hard Drive
Video Card: EVGA - 970 SSC ACX (1080 is in RMA)
Case: Fractal Design - Define R5 w/Window (Black) ATX Mid Tower Case
Power Supply: EVGA - SuperNOVA P2 750W with CableMod blue/black Pro Series
Optical Drive: LG - WH16NS40 Blu-Ray/DVD/CD Writer 
Operating System: Microsoft - Windows 10 Pro OEM 64-bit and Linux Mint Serena
Keyboard: Logitech - G910 Orion Spectrum RGB Wired Gaming Keyboard
Mouse: Logitech - G502 Wired Optical Mouse
Headphones: Logitech - G430 7.1 Channel  Headset
Speakers: Logitech - Z506 155W 5.1ch Speakers

 

Link to post
Share on other sites
3 minutes ago, Space Reptile said:


ah so as previously said , its a NO SHIT SHERLOCK vulnerability , "at that point you might aswell take the computer and leave" -Steve , GN 

 

It wasn't so "no shit sherlock" for you when you were trying to convince everyone that @LAwLz was just making shit up and this wasn't even real.  lol.   You're funny.

 

On 3/18/2018 at 7:09 AM, Space Reptile said:

why are people still replying in this thread? 

 

oh i see , LAwLz is replying to every post trying to tell everyone its real ..... 



yay


CPU: i9 7900X  |  Motherboard: Asus ROG Rampage VI Apex |  GPUs: 2 x EVGA GTX 1080 Ti  |  RAM: 32GB G.Skill TridentZ DDR4 3200Mhz (CL14)  

Storage: 2 x Samsung 960 Evo NVMe (RAID 0)  |  4 x Samsung 850 EVO (RAID 0)  |  PSUEVGA SuperNOVA 1600 T2

Cooling: Custom Loop  5 x EK 360mm rads  |  2 x EK D5 PWM pumps  |  EK GPU blocks | Aqua Computer Cuplex Kryos NEXT CPU block

Case: Caselabs Mercury S8 w/ Pedestal

 

CPU: Threadripper 1950x  |  Motherboard: Asus ROG Zenith Extreme  |  GPU: 3 x EVGA GTX 1080 Ti  +  2 x EVGA GTX 1080  |  RAM: 32GB G.Skill TridentZ DDR4 3200Mhz (CL14)

Storage:  2 x Samsung 950 Pro NVMe (RAID 0)  |  Samsung 840 Evo SSD  | PSU: Seasonic Platinum 1200w

Cooling:  Custom Loop  1 x EK XE 480mm / 1 x EK PE 360mm  |  EK D5 PWM pump  |  EK CPU & GPU blocks 

Case: Caselabs Mercury SM8

Link to post
Share on other sites

@LAwLz and @leadeater, do they mean administrative privilege as in "right-click, run as..." or just part of the IT team? It's been bugging me as UAC doesn't really defeat any of these unless computers were put on restricted access beforehand. 


Cor Caeruleus Reborn v6

Spoiler

CPU: Intel - Core i7-8700K

CPU Cooler: be quiet! - PURE ROCK 
Thermal Compound: Arctic Silver - 5 High-Density Polysynthetic Silver 3.5g Thermal Paste 
Motherboard: ASRock Z370 Extreme4
Memory: G.Skill TridentZ RGB 2x8GB 3200/14
Storage: Samsung - 850 EVO-Series 500GB 2.5" Solid State Drive 
Storage: Samsung - 960 EVO 500GB M.2-2280 Solid State Drive
Storage: Western Digital - Blue 2TB 3.5" 5400RPM Internal Hard Drive
Storage: Western Digital - BLACK SERIES 3TB 3.5" 7200RPM Internal Hard Drive
Video Card: EVGA - 970 SSC ACX (1080 is in RMA)
Case: Fractal Design - Define R5 w/Window (Black) ATX Mid Tower Case
Power Supply: EVGA - SuperNOVA P2 750W with CableMod blue/black Pro Series
Optical Drive: LG - WH16NS40 Blu-Ray/DVD/CD Writer 
Operating System: Microsoft - Windows 10 Pro OEM 64-bit and Linux Mint Serena
Keyboard: Logitech - G910 Orion Spectrum RGB Wired Gaming Keyboard
Mouse: Logitech - G502 Wired Optical Mouse
Headphones: Logitech - G430 7.1 Channel  Headset
Speakers: Logitech - Z506 155W 5.1ch Speakers

 

Link to post
Share on other sites

I can't be half arsed to look for examples and maybe @LAwLz can verify, but I'm pretty certain "requires admin access" doesn't simply mean you need the username and password of an admin account. You can find a program running with elevated privileges that has a flaw in it. You can hook into the program through legitimate means, but with a specific payload that allows you to execute arbitrary code at that level.

Link to post
Share on other sites

Well, I think we all learned a few things from this thread and the whole situation at large. First, don't prematurely judge the severity of a security flaw based on information that is unrelated to the bug itself (in this case, the fact that CTS is shady as heck). Wait for more information. Second, this is a good example of how NOT to handle the reporting of exploits and other security-related issues. There's a reason why there's a generally accepted rule of 90 day notice before it goes public. It gives the company time to address it without everyone going crazy from all the bad news about their oh-so-loved company!

 

Oh, and fuck CTS. That's the most important bit.


Why is the God of Hyperdeath SO...DARN...CUTE!?

 

Also, if anyone has their mind corrupted by an anthropomorphic black latex bat, please let me know. I would like to join you.

Link to post
Share on other sites
13 minutes ago, ARikozuM said:

@LAwLz and @leadeater, do they mean administrative privilege as in "right-click, run as..." or just part of the IT team? It's been bugging me as UAC doesn't really defeat any of these unless computers were put on restricted access beforehand. 

Any account that has admin privileges and you either: Run the program as admin (UAC on), allow elevation of rights from UAC prompt or disable UAC meaning everything you run has elevated permissions.

Link to post
Share on other sites

Okay, here's an example but not really of not needing to know an admin account's credentials to attack a system. UPlay several years ago had a security bug, which according to Ubisoft's words:

Quote

The browser plugin that we used to launch the application through Uplay was able to take command line arguments that developers used to launch their games while they're being made. This weakness could allow the application to specify any executable to run, rather than just a game. This means it was possible to launch another program on the machine.

 

Now if UPlay ran solely as a standard user, that wouldn't really present a problem. Except UPlay, to this day, continues to want elevated permissions to run for no reason other than it wants to access portions of the file system. Had this bug still existed in UPlay today, an attacker doesn't have to ask for my username and password, they just have to know I'm running UPlay and exploit this flaw.

Edited by M.Yurizaki
Link to post
Share on other sites

I wonder if AMD would be kind enough to release a bios update that stopped fanboys putting their head in the sand?


QuicK and DirtY. Read the CoC it's like a guide on how not to be moron.  Also I don't have an issue with the VS series.

Sometimes I miss contractions like n't on the end of words like wouldn't, couldn't and shouldn't.    Please don't be a dick,  make allowances when reading my posts.

Link to post
Share on other sites
2 hours ago, leadeater said:

or disable UAC meaning everything you run has elevated permissions.

Sadly, in Windows 10 that's not necessarily the case (and yes, I run with UAC "disabled").  Even with UAC turned down to the lowest setting, you still have to right-click and run certain things as admin, unless they're set to explicitly request it from the system.

Link to post
Share on other sites
11 minutes ago, Jito463 said:

Sadly, in Windows 10 that's not necessarily the case (and yes, I run with UAC "disabled").  Even with UAC turned down to the lowest setting, you still have to right-click and run certain things as admin, unless they're set to explicitly request it from the system.

Not sure if has been patched or blocked on windows 10 haven't used in awhile

Boot to recovery use cmd Force accessibility to cmd prompt then

Forced guest or whatever to admin without ever logging in?

Link to post
Share on other sites
42 minutes ago, Jito463 said:

Sadly, in Windows 10 that's not necessarily the case (and yes, I run with UAC "disabled").  Even with UAC turned down to the lowest setting, you still have to right-click and run certain things as admin, unless they're set to explicitly request it from the system.

Yea things like PowerShell and CMD, plus some other odd apps. For the most part though if you run an exe with UAC off it has admin perms. Windows really needs to start sandboxing applications and their config/reg hives so they can run with godly perms but only screw over itself. Any system stuff should require explicit access not accessible through any old application.

Link to post
Share on other sites
1 hour ago, leadeater said:

Yea things like PowerShell and CMD, plus some other odd apps. For the most part though if you run an exe with UAC off it has admin perms. Windows really needs to start sandboxing applications and their config/reg hives so they can run with godly perms but only screw over itself. Any system stuff should require explicit access not accessible through any old application.

They have done that to some extent with the registry, through the use of the TrustedInstaller permission.  However, I do agree that they could do a far better job of sandboxing things.

Link to post
Share on other sites
1 hour ago, JuNex03 said:

They confirmed the vulnerabilities and stated said vulnerabilities were overhyped and exaggerated. Now AMD is asking for an investigation of unusual stock trading...

 

https://www.bloomberg.com/news/articles/2018-03-20/amd-confirms-chip-vulnerability-says-report-exaggerated-danger

I hope it's thorough and these guys get their ass's handed to them.  It's hard enough dealing with security issues in such a complex industry as it is without encouraging stock market parasites to make things worse.


QuicK and DirtY. Read the CoC it's like a guide on how not to be moron.  Also I don't have an issue with the VS series.

Sometimes I miss contractions like n't on the end of words like wouldn't, couldn't and shouldn't.    Please don't be a dick,  make allowances when reading my posts.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now


×