New AMD Update Leaves Countless Users Vulnerable To Attacks

Shortly after getting negative press for refusing to pay a $10,000 bug bounty for a significant vulnerability, AMD is back in the news for all the wrong reasons. The company seems to have dropped a crucial Transparent Secure Memory Encryption (TSME) feature from Ryzen processors that don't carry the "PRO" badge. The problem is that AMD didn't inform users of the change, and the issue may have gone unnoticed even longer if it hadn't been discovered by an independent user.

A security researcher, Ben Kilpatrick, found the issue while installing a new OS on a computer with a Ryzen 7: after running a Host Security ID audit, he noticed that TSME was no longer available. He reached out to the engineering team at MSI, who found that the old version of the AGESA firmware still had the feature, while, surprisingly, it was absent on units running the more recent AGESA 1.2.7.0 firmware.

To make matters worse, the AMD update didn't disable the protection on Ryzen PRO processors, including the AMD Zen 5 Pro Ryzen CPU. TSME had been available on consumer-level Ryzen chips, meaning that the more recent AMD Ryzen update is to blame. The company has been mostly silent about the controversy, eventually stating that the AMD encryption feature is available with PRO CPUs only.

How problematic is this?

TSME was designed to encrypt the data stored in the connected memory. The idea is to protect against various exploits, such as cold boot attacks, that can extract sensitive data contained in memory. Because TSME applies encryption to all the stored contents, attackers who reach this information are dead in the water: anything they get is ciphertext and practically useless. AMD initially rolled the protection out to the more expensive CPUs, adding it to consumer-focused versions of Ryzen processors later on. The likely issue is the firmware, which silently axed the security feature from consumer chips, although it's unclear if this was the result of a bug, oversight, or a deliberate move by AMD.

The feature was never advertised directly because it worked perfectly on more affordable processors, but most users likely expected it to be included by default. As a result, many find the potential new policy shift to be on par with betrayal. Unfortunately, with TSME missing, consumers may now be vulnerable to everything from DRAM snooping to other forms of attacks targeting the memory. Though it's impossible to predict how damaging this will be for the company's reputation, AMD's more budget-friendly processors (as outlined in the direct Intel vs. AMD comparison) may not seem as impressive if they sacrifice security.
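To see whether TSME is actually active on a given Linux machine, and to compare the result before and after a firmware update, the state can be read directly from the kernel. The script below is an added example, not something from the researcher or AMD; it assumes a kernel whose `ccp` driver exposes the `tsme_status` attribute on the PSP PCI device, and the `ROOT` prefix argument is a hypothetical convenience for running it against a copied or constructed directory tree.

```shell
#!/bin/sh
# Added example (not from the article). Prints one audit line per host so the
# TSME state can be compared before and after a firmware update.
# Assumption: the Linux ccp driver exposes the PSP attribute
#   /sys/bus/pci/devices/<BDF>/tsme_status   (1 = active, 0 = not active)
# Kernels or parts without that file are reported as "unknown", not "inactive".

# tsme_state [ROOT]: ROOT is a prefix in front of /sys (empty on a real host).
tsme_state() {
    root="${1:-}"
    state="unknown"
    for f in "$root"/sys/bus/pci/devices/*/tsme_status; do
        [ -r "$f" ] || continue              # unmatched glob or unreadable file
        val=$(cat "$f" 2>/dev/null) || continue
        case "$val" in
            1) state="active"; break ;;
            0) state="inactive" ;;
        esac
    done
    echo "$state"
}

# audit_line [ROOT]: CPU model, BIOS version and TSME state on one line, so
# lines collected from many hosts can be grouped by CPU and firmware build.
audit_line() {
    root="${1:-}"
    cpu=$(sed -n 's/^model name[[:space:]]*:[[:space:]]*//p' \
              "$root/proc/cpuinfo" 2>/dev/null | head -n 1 || true)
    bios=$(cat "$root/sys/class/dmi/id/bios_version" 2>/dev/null || true)
    printf 'cpu="%s" bios="%s" tsme=%s\n' \
        "${cpu:-unknown}" "${bios:-unknown}" "$(tsme_state "$root")"
}

audit_line
```

A host that reported `tsme=active` on the old BIOS version and `tsme=inactive` on the new one, with the same CPU model, matches the regression described above.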
