Date
23 September 2018
AMD is investigating claims that some of its microprocessors have flaws that make them vulnerable to hacks. Representational image: Bloomberg
AMD is investigating claims that some of its microprocessors have flaws that make them vulnerable to hacks. Representational image: Bloomberg

Israeli researchers say they found security flaws in AMD chips

An Israeli cyber-security research firm and consultancy, CTS labs, has claimed that it uncovered flaws in Advanced Micro Devices (AMD) microprocessors that make them vulnerable to hacks.

CTS executives told Reuters that they had shared their findings with some clients who pay the firm for proprietary research on vulnerabilities in computer hardware.

Short-seller Viceroy Research published a 25-page report on the vulnerabilities on Tuesday, betting AMD shares will fall.

AMD said that the report took it by surprise and said it is investigating the claims..

“This company was previously unknown to AMD and we find it unusual for a security firm to publish its research to the press without providing a reasonable amount of time for the company to investigate and address its findings,” the chipmaker said in a note to customers on its website.

Viceroy founder Fraser Perring told Reuters that somebody anonymously emailed him a draft of the report at about 4 pm on Monday.

The firm spent much of the evening analyzing the situation and ended up taking a “sizeable” short position in AMD, he said.

On Friday and Monday, short selling of AMD’s stock increased by about 15 million shares, Reuters reports, citing S3 Partners, a financial analytics firm.

That brought overall short interest in the chipmaker to about 180 million shares, the most since at least 2010.

New York-based cyber security firm Trail of Bits told Reuters that it had verified the findings from CTS.

A Trail of Bits analyst spent a week reviewing detailed technical reports from CTS, along with “proof of concept” code that could be used to launch attacks on computers running vulnerable AMD chips, Trail of Bits CEO Dan Guido was quoted as saying.

“These are real security issues in AMD code and processors” that hackers could exploit to manipulate or steal secure data, Guido told Reuters.

For the attacks to work, an attacker must first obtain administrator access to a targeted network, he said.

– Contact us at [email protected]

RC

EJI Weekly Newsletter

Please click here to unsubscribe