Your AMD Processors May be Vulnerable To Data Breaches and Here is Why

A recent study identifies flaws in AMD SoCs that might allow attackers to disable any protection provided by their TPM implementations. Any cryptographic data or other credentials that TPM protects may be exposed by the attacks.

In order to make it more difficult for hackers to access critical data like encryption keys and login passwords, CPUs are equipped with the Trusted Platform Module (TPM), which provides an additional layer of protection. It is the technique employed by systems that make use of PINs to log into Windows.

TPM typically consists of a physical chip on the motherboard, but many processors now have firmware TPM (fTPM), a software-based alternative that users can quickly enable via the BIOS.

When Microsoft made the security feature necessary for downloading and getting official updates for Windows 11, it caused criticism. Many older CPUs, which would normally be able to run Windows 11 without any problems, lack TPM, forcing owners to either invest in pricey upgrades or use somewhat difficult workarounds.

Microsoft’s insistence seemed harsher because of earlier TPM problems, but Technische Universität Berlin – SecT and Fraunhofer SIT researchers recently found a vulnerability that might totally disable fTPM. Successful attacks may result in the execution of arbitrary code and the extraction of encrypted data.

Attackers may influence the power supply to compel a Zen 2 or Zen 3 CPU to accept incorrect information, which enables them to change the firmware, as in a voltage fault injection attack. Another is a less complex ROM attack that makes use of a bug in Zen 1 and Zen+ processors that cannot be fixed.

The assaults, fortunately for consumers, do not entail remote malware installation since they need hours of physical access to a target machine. The issue with the vulnerability mostly affects lost or stolen devices


Muhammad Zuhair

Passionate about technology and gaming content, Zuhair focuses on analysing information and then presenting it to the audience.
Back to top button