• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

CTS Labs Sent AMD and Other Companies a Research Package with Proof-of-Concept Code

Low quality post by ArchStupid
Joined
Dec 22, 2011
Messages
289 (0.06/day)
Processor Ryzen 7 5800X3D
Motherboard Asus Prime X570 Pro
Cooling Deepcool LS-720
Memory 32 GB (4x 8GB) DDR4-3600 CL16
Video Card(s) PowerColor Radeon RX 7900 XTX Red Devil
Storage Samsung PM9A1 (980 Pro OEM) + 960 Evo NVMe SSD + 830 SATA SSD + Toshiba & WD HDD's
Display(s) Samsung C32HG70
Case Lian Li O11D Evo
Audio Device(s) Sound Blaster Zx
Power Supply Seasonic 750W Focus+ Platinum
Mouse Logitech G703 Lightspeed
Keyboard SteelSeries Apex Pro
Software Windows 11 Pro
The one vulnerability allows malicious BIOS to be installed. That is a pretty big issue actually. Beyond the normal malware we see today, because it allows the malware to persist even after a reformat and OS re-install, even after a full replacement of the storage drives. That actually is pretty bad.
Yes, but you still need to get that admin access to do the BIOS update/modification and at that point your system is already compromised, no matter whose CPU or chipset or whatever is in there. Also, since they blame it on American Megatrends making things easy, it should apply to any system with their BIOS?
 
Joined
Apr 16, 2010
Messages
2,070 (0.39/day)
System Name iJayo
Processor i7 14700k
Motherboard Asus ROG STRIX z790-E wifi
Cooling Pearless Assasi
Memory 32 gigs Corsair Vengence
Video Card(s) Nvidia RTX 2070 Super
Storage 1tb 840 evo, Itb samsung M.2 ssd 1 & 3 tb seagate hdd, 120 gig Hyper X ssd
Display(s) 42" Nec retail display monitor/ 34" Dell curved 165hz monitor
Case O11 mini
Audio Device(s) M-Audio monitors
Power Supply LIan li 750 mini
Mouse corsair Dark Saber
Keyboard Roccat Vulcan 121
Software Window 11 pro
Benchmark Scores meh... feel me on the battle field!
......anything with an operating system or an Internet connection can be hacked. Privacy exists as the thoughts with in your head....even then your mouth, expressions or fingers can still betray you. So were all kinda screwed. The only truely secure computer is:

1521035555645.png
 
Joined
Dec 22, 2011
Messages
289 (0.06/day)
Processor Ryzen 7 5800X3D
Motherboard Asus Prime X570 Pro
Cooling Deepcool LS-720
Memory 32 GB (4x 8GB) DDR4-3600 CL16
Video Card(s) PowerColor Radeon RX 7900 XTX Red Devil
Storage Samsung PM9A1 (980 Pro OEM) + 960 Evo NVMe SSD + 830 SATA SSD + Toshiba & WD HDD's
Display(s) Samsung C32HG70
Case Lian Li O11D Evo
Audio Device(s) Sound Blaster Zx
Power Supply Seasonic 750W Focus+ Platinum
Mouse Logitech G703 Lightspeed
Keyboard SteelSeries Apex Pro
Software Windows 11 Pro
Also, regardless of their excuse, 24hrs notice before going public was a stupid decision.
Yes and no, it was the only way they could get real attention and affect AMD stocks with this (in cooperation with Viceroy Research), since any other approach would have led to the industry and other security firms ripping this P.O.S. apart
 
Joined
Jun 29, 2009
Messages
2,012 (0.36/day)
Location
Heart of Eutopia!
System Name ibuytheusedstuff
Processor 5960x
Motherboard x99 sabertooth
Cooling old socket775 cooler
Memory 32 Viper
Video Card(s) 1080ti on morpheus 1
Storage raptors+ssd
Display(s) acer 120hz
Case open bench
Audio Device(s) onb
Power Supply antec 1200 moar power
Mouse mx 518
Keyboard roccat arvo
Last edited:
Joined
Mar 7, 2011
Messages
4,627 (0.92/day)
Yes, but you still need to get that admin access to do the BIOS update/modification and at that point your system is already compromised, no matter whose CPU or chipset or whatever is in there. Also, since they blame it on American Megatrends making things easy, it should apply to any system with their BIOS?
Blaming asmedia as well. Language used in the so called whitepaper is quite scathing. They might be going under soon with bunch of lawsuits.
 
Joined
Dec 22, 2011
Messages
289 (0.06/day)
Processor Ryzen 7 5800X3D
Motherboard Asus Prime X570 Pro
Cooling Deepcool LS-720
Memory 32 GB (4x 8GB) DDR4-3600 CL16
Video Card(s) PowerColor Radeon RX 7900 XTX Red Devil
Storage Samsung PM9A1 (980 Pro OEM) + 960 Evo NVMe SSD + 830 SATA SSD + Toshiba & WD HDD's
Display(s) Samsung C32HG70
Case Lian Li O11D Evo
Audio Device(s) Sound Blaster Zx
Power Supply Seasonic 750W Focus+ Platinum
Mouse Logitech G703 Lightspeed
Keyboard SteelSeries Apex Pro
Software Windows 11 Pro
Blaming asmedia as well. Language used in the so called whitepaper is quite scathing. They might be going under soon with bunch of lawsuits.
Pretty sure the company was founded to be a scapegoat for Viceroy Researchs shorting practices, so they're not probably too worried about that
 
Joined
Jan 10, 2011
Messages
1,451 (0.28/day)
Location
[Formerly] Khartoum, Sudan.
System Name 192.168.1.1~192.168.1.100
Processor AMD Ryzen5 5600G.
Motherboard Gigabyte B550m DS3H.
Cooling AMD Wraith Stealth.
Memory 16GB Crucial DDR4.
Video Card(s) Gigabyte GTX 1080 OC (Underclocked, underpowered).
Storage Samsung 980 NVME 500GB && Assortment of SSDs.
Display(s) ViewSonic VA2406-MH 75Hz
Case Bitfenix Nova Midi
Audio Device(s) On-Board.
Power Supply SeaSonic CORE GM-650.
Mouse Logitech G300s
Keyboard Kingston HyperX Alloy FPS.
VR HMD A pair of OP spectacles.
Software Ubuntu 24.04 LTS.
Benchmark Scores Me no know English. What bench mean? Bench like one sit on?
Still, when you have admin access, does it really matter at that point anymore?

How do you think pretty much all other malware infects systems? How do you think ransomware works? I'll give you a hint: Admin Level Code.

Privilege elevation exploits.
And that's assuming such tricks were needed. Malware that rely on admin/root privs can be less of a worry for enterprise machines maintained by an IT dept who know their job, but your average joe and jane would click the yes on the UAC prompt before the background finishes dimming.
UAC itself wasn't particularly that resilient, if I remembered correctly.
 
Low quality post by B-Real

FordGT90Concept

"I go fast!1!11!1!"
Joined
Oct 13, 2008
Messages
26,259 (4.44/day)
Location
IA, USA
System Name BY-2021
Processor AMD Ryzen 7 5800X (65w eco profile)
Motherboard MSI B550 Gaming Plus
Cooling Scythe Mugen (rev 5)
Memory 2 x Kingston HyperX DDR4-3200 32 GiB
Video Card(s) AMD Radeon RX 7900 XT
Storage Samsung 980 Pro, Seagate Exos X20 TB 7200 RPM
Display(s) Nixeus NX-EDG274K (3840x2160@144 DP) + Samsung SyncMaster 906BW (1440x900@60 HDMI-DVI)
Case Coolermaster HAF 932 w/ USB 3.0 5.25" bay + USB 3.2 (A+C) 3.5" bay
Audio Device(s) Realtek ALC1150, Micca OriGen+
Power Supply Enermax Platimax 850w
Mouse Nixeus REVEL-X
Keyboard Tesoro Excalibur
Software Windows 10 Home 64-bit
Benchmark Scores Faster than the tortoise; slower than the hare.
...but urged those disgruntled with this decision to look at the situation objectively. "If you look at the situation in the following way: right now the public knows about the vulnerabilities and their implications, AMD is fully informed and developing patches, and major security companies are also informed and working on mitigation."
AMD has to rush to fix it as hackers rush to exploit it. Not a good situation. And yes, that's the objective look at it.

Looking at the broader picture "objectively": NVIDIA and AMD don't have a presence in Israel, Intel has a significant presence in Israel.
 
Joined
Feb 16, 2017
Messages
494 (0.17/day)
This is in contrast to the unintentional consequence of keeping Meltdown/Spectre away from the public domain for over half a year, allowing Intel's senior executives to dump company stock, and for big cloud computing providers to harden their infrastructure, giving themselves a competitive advantage over smaller providers. But unlike with Meltdown/Spectre, these vulnerabilities aren't industry-wide (i.e. they don't affect Intel), placing AMD at a disadvantage in both the stock markets, and in the retail markets.
I'd rather let a few executives distance themselves than potentially seeing a company get ruined by a dubious claim.
 
Low quality post by OneMoar

OneMoar

There is Always Moar
Joined
Apr 9, 2010
Messages
8,800 (1.64/day)
Location
Rochester area
System Name RPC MK2.5
Processor Ryzen 5800x
Motherboard Gigabyte Aorus Pro V2
Cooling Thermalright Phantom Spirit SE
Memory CL16 BL2K16G36C16U4RL 3600 1:1 micron e-die
Video Card(s) GIGABYTE RTX 3070 Ti GAMING OC
Storage Nextorage NE1N 2TB ADATA SX8200PRO NVME 512GB, Intel 545s 500GBSSD, ADATA SU800 SSD, 3TB Spinner
Display(s) LG Ultra Gear 32 1440p 165hz Dell 1440p 75hz
Case Phanteks P300 /w 300A front panel conversion
Audio Device(s) onboard
Power Supply SeaSonic Focus+ Platinum 750W
Mouse Kone burst Pro
Keyboard SteelSeries Apex 7
Software Windows 11 +startisallback
Very relevant.
How to spot the racists.
fooy
I don't trust certain parts of that region and it has everything todo with there political climate and instability of there economy
that and they are constantly killing each other over religion
 
Low quality post by eidairaman1

eidairaman1

The Exiled Airman
Joined
Jul 2, 2007
Messages
42,630 (6.68/day)
Location
Republic of Texas (True Patriot)
System Name PCGOD
Processor AMD FX 8350@ 5.0GHz
Motherboard Asus TUF 990FX Sabertooth R2 2901 Bios
Cooling Scythe Ashura, 2×BitFenix 230mm Spectre Pro LED (Blue,Green), 2x BitFenix 140mm Spectre Pro LED
Memory 16 GB Gskill Ripjaws X 2133 (2400 OC, 10-10-12-20-20, 1T, 1.65V)
Video Card(s) AMD Radeon 290 Sapphire Vapor-X
Storage Samsung 840 Pro 256GB, WD Velociraptor 1TB
Display(s) NEC Multisync LCD 1700V (Display Port Adapter)
Case AeroCool Xpredator Evil Blue Edition
Audio Device(s) Creative Labs Sound Blaster ZxR
Power Supply Seasonic 1250 XM2 Series (XP3)
Mouse Roccat Kone XTD
Keyboard Roccat Ryos MK Pro
Software Windows 7 Pro 64
CTS Smells of Intel Through and Through. I'll skip this clickbait from here on out.
 

OneMoar

There is Always Moar
Joined
Apr 9, 2010
Messages
8,800 (1.64/day)
Location
Rochester area
System Name RPC MK2.5
Processor Ryzen 5800x
Motherboard Gigabyte Aorus Pro V2
Cooling Thermalright Phantom Spirit SE
Memory CL16 BL2K16G36C16U4RL 3600 1:1 micron e-die
Video Card(s) GIGABYTE RTX 3070 Ti GAMING OC
Storage Nextorage NE1N 2TB ADATA SX8200PRO NVME 512GB, Intel 545s 500GBSSD, ADATA SU800 SSD, 3TB Spinner
Display(s) LG Ultra Gear 32 1440p 165hz Dell 1440p 75hz
Case Phanteks P300 /w 300A front panel conversion
Audio Device(s) onboard
Power Supply SeaSonic Focus+ Platinum 750W
Mouse Kone burst Pro
Keyboard SteelSeries Apex 7
Software Windows 11 +startisallback
I don't know that it stinks of intel but it sure does stink of amature stupidity and agenda (not that those are mutually exclusive )
 
Joined
Jan 23, 2016
Messages
1 (0.00/day)
Location
Greensboro, NC, US
System Name Peregrine AIO
Processor Intel i7-8700k
Motherboard ASRock Fatal1ty Z370 Gaming K6
Cooling EVGA CLC240 Liquid
Memory G.Skill Ripjaws V Series 32GB (4x8GB) DDR4-3000
Video Card(s) EVGA GTX 1080 Ti SC2 Hybrid
Storage Samsung Evo 860 1TB * 2, Samsung Evo 960 25GB M.2 NVME, Samsung Evo 850 500GB M.2 SATA
Display(s) Acer XB281HK 4k 28" G-Sync, 2 x Acer XB280HK 4k 28" G-Sync, Acer CB281HK 4k 28"
Case Fractal Design Meshify C Dark TG ATX
Audio Device(s) Beyerdynamic DT 770 PRO HT Headphones & FiiO E10K USB DAC and Headphone Amplifier
Power Supply Seasonic SS-1050XM2 1050w
Mouse Logitech G903
Keyboard Logitech G910 Orion Spectrum
Software Win10 Pro x64
Low quality post by eidairaman1

eidairaman1

The Exiled Airman
Joined
Jul 2, 2007
Messages
42,630 (6.68/day)
Location
Republic of Texas (True Patriot)
System Name PCGOD
Processor AMD FX 8350@ 5.0GHz
Motherboard Asus TUF 990FX Sabertooth R2 2901 Bios
Cooling Scythe Ashura, 2×BitFenix 230mm Spectre Pro LED (Blue,Green), 2x BitFenix 140mm Spectre Pro LED
Memory 16 GB Gskill Ripjaws X 2133 (2400 OC, 10-10-12-20-20, 1T, 1.65V)
Video Card(s) AMD Radeon 290 Sapphire Vapor-X
Storage Samsung 840 Pro 256GB, WD Velociraptor 1TB
Display(s) NEC Multisync LCD 1700V (Display Port Adapter)
Case AeroCool Xpredator Evil Blue Edition
Audio Device(s) Creative Labs Sound Blaster ZxR
Power Supply Seasonic 1250 XM2 Series (XP3)
Mouse Roccat Kone XTD
Keyboard Roccat Ryos MK Pro
Software Windows 7 Pro 64
Sorry Intel being in Israel, Whistle Blown on Intel, now intel is retaliating. Yeah Corruption...
 

FordGT90Concept

"I go fast!1!11!1!"
Joined
Oct 13, 2008
Messages
26,259 (4.44/day)
Location
IA, USA
System Name BY-2021
Processor AMD Ryzen 7 5800X (65w eco profile)
Motherboard MSI B550 Gaming Plus
Cooling Scythe Mugen (rev 5)
Memory 2 x Kingston HyperX DDR4-3200 32 GiB
Video Card(s) AMD Radeon RX 7900 XT
Storage Samsung 980 Pro, Seagate Exos X20 TB 7200 RPM
Display(s) Nixeus NX-EDG274K (3840x2160@144 DP) + Samsung SyncMaster 906BW (1440x900@60 HDMI-DVI)
Case Coolermaster HAF 932 w/ USB 3.0 5.25" bay + USB 3.2 (A+C) 3.5" bay
Audio Device(s) Realtek ALC1150, Micca OriGen+
Power Supply Enermax Platimax 850w
Mouse Nixeus REVEL-X
Keyboard Tesoro Excalibur
Software Windows 10 Home 64-bit
Benchmark Scores Faster than the tortoise; slower than the hare.
It could totally be a company created with Intel funding to disseminate vulnerabilities found in their competitors' hardware. Just look at how the last two days panned out and the language on their website: everything was orchestrated to inflict maximum damage on AMD for financial gain.
 
Joined
Mar 13, 2018
Messages
68 (0.03/day)
Physical access is not required, just admin privileges

The real vulnerability right there. What if I told you there is a vulnerability in the wild that allows anyone to do anything to a system no matter the OS. Its called the login/password.


Are these really vulnerabilities ? If I have admin credentials I can flash the bios of my video card. Does that make my video card vulnerable?
 
Joined
Sep 6, 2013
Messages
3,392 (0.82/day)
Location
Athens, Greece
System Name 3 desktop systems: Gaming / Internet / HTPC
Processor Ryzen 5 7600 / Ryzen 5 4600G / Ryzen 5 5500
Motherboard X670E Gaming Plus WiFi / MSI X470 Gaming Plus Max (1) / MSI X470 Gaming Plus Max (2)
Cooling Aigo ICE 400SE / Segotep T4 / Νoctua U12S
Memory Kingston FURY Beast 32GB DDR5 6000 / 16GB JUHOR / 32GB G.Skill RIPJAWS 3600 + Aegis 3200
Video Card(s) ASRock RX 6600 + GT 710 (PhysX) / Vega 7 integrated / Radeon RX 580
Storage NVMes, ONLY NVMes / NVMes, SATA Storage / NVMe, SATA, external storage
Display(s) Philips 43PUS8857/12 UHD TV (120Hz, HDR, FreeSync Premium) / 19'' HP monitor + BlitzWolf BW-V5
Case Sharkoon Rebel 12 / CoolerMaster Elite 361 / Xigmatek Midguard
Audio Device(s) onboard
Power Supply Chieftec 850W / Silver Power 400W / Sharkoon 650W
Mouse CoolerMaster Devastator III Plus / CoolerMaster Devastator / Logitech
Keyboard CoolerMaster Devastator III Plus / CoolerMaster Devastator / Logitech
Software Windows 10 / Windows 10&Windows 11 / Windows 10
I think we have a little fire here with too much smoke. There where many vulnerabilities in Intel's Management Engine lately, but I haven't seen anyone coming out and saying that Intel's valuation is $0. Even after Meltdown and Spectre. Maybe Intel started this project "Find vulnerabilities in AMD software" secretly and then co operated with Viceroy (Intel executives making money throught stock market manipulation? I am probably wrong here! ) to make the biggest possibly impact with whatever they would find, with the help of both tech and financial press. I think this kind of attacks between companies could become more often in the future.
 
Joined
Jan 8, 2017
Messages
9,505 (3.27/day)
System Name Good enough
Processor AMD Ryzen R9 7900 - Alphacool Eisblock XPX Aurora Edge
Motherboard ASRock B650 Pro RS
Cooling 2x 360mm NexXxoS ST30 X-Flow, 1x 360mm NexXxoS ST30, 1x 240mm NexXxoS ST30
Memory 32GB - FURY Beast RGB 5600 Mhz
Video Card(s) Sapphire RX 7900 XT - Alphacool Eisblock Aurora
Storage 1x Kingston KC3000 1TB 1x Kingston A2000 1TB, 1x Samsung 850 EVO 250GB , 1x Samsung 860 EVO 500GB
Display(s) LG UltraGear 32GN650-B + 4K Samsung TV
Case Phanteks NV7
Power Supply GPS-750C
Yep , they sent out detailed technical papers to major companies making sure the mission critical systems these companies sell are in total safety.

...and also to this bloke a week prior : https://twitter.com/dguido

"I initially responded to their request out of curiosity -- "Hey, do you want to see our new processor bugs before we release them?" "hell yes I do" -- but after their asks continued to grow billed them our week rate for the work."

:laugh:
 
Joined
Mar 4, 2011
Messages
165 (0.03/day)
Location
Israel
System Name Negra5
Processor i5 6500
Motherboard ASUS Z170M-Plus
Cooling Cooler Master Hyper TX3
Memory Kingston HyperX 16GB DDR4
Video Card(s) PNY GTX-1070, XFX RX480
Storage Gigabyte 256GB SSD, WD 1TB HDD, WD 4TB HDD.
Display(s) SAMSUNG 32" FullHD
Case GAMING EAGLE WARRIOR CG-06R1
Audio Device(s) nVidia HD Audio
Power Supply Corsair GS800W 80 Plus Bronze
Mouse Cooler Master Devastator MS2k
Keyboard Cooler Master Devastator MB24
Software Windows 10 20H2
Benchmark Scores Pfft
These guys seem to have done this in very bad faith to hurt AMD. They even claim AMD should file for bankruptcy. It speaks a lot about their agenda.
 
Joined
Oct 2, 2004
Messages
13,791 (1.87/day)
Physical access and admin access are two vastly different things. Every malware gets onto PCs through admin access, tons of computers get infected every day, so this is not a non-issue.
The difference here is that the malware can be hidden in a way that's undetectable from security software and persists through reboot, and OS reinstall, which means "buy a new computer" for 99% of the population.


No

That's not true entirely and given you're a programmer, you probably know this. Malware gets on PC via actual vulnerability/exploit, usually via privilege escalation exploitation. Meaning you basically force malware into secured system without admin rights by giving it more rights "unofficially" via a security hole/flaw. Once you do that, you're basically on the same security level as people managing those systems officially. And when you have that kind of access, you can install things on system the normal way and chances are, in 99% of cases, no one would notice anything. You don't even need a flawed CPU or anything else. It's very likely you could actually leave an entry in programs and Features panel and admins probably wouldn't notice it.
 

OneMoar

There is Always Moar
Joined
Apr 9, 2010
Messages
8,800 (1.64/day)
Location
Rochester area
System Name RPC MK2.5
Processor Ryzen 5800x
Motherboard Gigabyte Aorus Pro V2
Cooling Thermalright Phantom Spirit SE
Memory CL16 BL2K16G36C16U4RL 3600 1:1 micron e-die
Video Card(s) GIGABYTE RTX 3070 Ti GAMING OC
Storage Nextorage NE1N 2TB ADATA SX8200PRO NVME 512GB, Intel 545s 500GBSSD, ADATA SU800 SSD, 3TB Spinner
Display(s) LG Ultra Gear 32 1440p 165hz Dell 1440p 75hz
Case Phanteks P300 /w 300A front panel conversion
Audio Device(s) onboard
Power Supply SeaSonic Focus+ Platinum 750W
Mouse Kone burst Pro
Keyboard SteelSeries Apex 7
Software Windows 11 +startisallback
on the upside nobody will ever work with these guys ever again*
and there careers are officially over

*assuming AMD doesn't sue them into the ground first
 
Low quality post by xkm1948
Joined
Mar 18, 2008
Messages
5,717 (0.93/day)
System Name Virtual Reality / Bioinformatics
Processor Undead CPU
Motherboard Undead TUF X99
Cooling Noctua NH-D15
Memory GSkill 128GB DDR4-3000
Video Card(s) EVGA RTX 3090 FTW3 Ultra
Storage Samsung 960 Pro 1TB + 860 EVO 2TB + WD Black 5TB
Display(s) 32'' 4K Dell
Case Fractal Design R5
Audio Device(s) BOSE 2.0
Power Supply Seasonic 850watt
Mouse Logitech Master MX
Keyboard Corsair K70 Cherry MX Blue
VR HMD HTC Vive + Oculus Quest 2
Software Windows 10 P
I am starting to question whether several tech sites that are so eagerly promoting these stories received any incentives for doing so. This is beyond just click bait titles. TPU's Facebook account is even worse. Paid to promote agenda?

Come on, deliberately ignoring their white paper said they have potential "financial interest in said company" Also ignoring that multiple users, as well as some other tech news such as GamerNexus point out those so called security claims can be executed to ANY machine.

My BS meter is ticking to the max.
 

W1zzard

Administrator
Staff member
Joined
May 14, 2004
Messages
27,965 (3.71/day)
Processor Ryzen 7 5700X
Memory 48 GB
Video Card(s) RTX 4080
Storage 2x HDD RAID 1, 3x M.2 NVMe
Display(s) 30" 2560x1600 + 19" 1280x1024
Software Windows 10 64-bit
usually via privilege escalation exploitation
I would say "usually" it's people just clicking "accept" in the UAC prompt because they want whatever they downloaded to run?

and chances are, in 99% of cases, no one would notice anything.
How do antivirus companies make billions then? Your point is a fair one though, if the malware doesn't do anything that hurts me, then why bother protecting or fighting against it? Technically not "mal"ware then anymore :)

some other tech news such as GamerNexus point out those so called security claims can be executed to ANY machine.
Not sure what you are talking about, but are you saying they claim that you can execute attacks against the AMD Secure Processor on systems that don't have an AMD Secure Processor?
 
Top