Intel CPUs have been known to contain hardware vulnerabilities for years now. However, a group of researchers from the Graz University of Technology have revealed that AMD CPUs have had them all along as well.
The white paper released by the researchers describes a vulnerability called “Take A Way” that is able to leak data off of AMD CPUs dating back to 2011. This means that whether it is an old Athlon 64 X2 or a new high-end Ryzen 7 processor, they’ve all been vulnerable to cyberattacks all along.
This vulnerability allows intruders to monitor the CPU’s memory without having access to any physical addresses or shared memory. Although this exploit is not able to leak nearly as much data as Meltdown or Spectre, the researchers were still able to easily uncover sensitive data such as encryption keys. The research team took advantage of the flaws using JavaScript, common browser extensions, and most notably, virtual machines on the cloud.
The flaw has already been pointed out to AMD and the chipmaker responded to it claiming that “these are not new speculation based attacks”.
We are aware of a new whitepaper that claims potential security exploits in AMD CPUs, whereby a malicious actor could manipulate a cache-related feature to potentially transmit user data in an unintended way. The researchers then pair this data path with known and mitigated software or speculative execution side channel vulnerabilities. AMD believes these are not new speculation-based attacks.
As always, the statement advises users to keep their systems up to date to stay safe from such vulnerabilities.