Antivirus protection alone is no longer sufficient to keep a system secure. AMD Secure Technology provides a built-in security system that puts security right on the processor. Unfortunately, flaws in the AMD Secure Processor have been disclosed online. Although AMD says the problem is fixed, the BIOS/UEFI/firmware updates that carry the fix have not yet been released to the general public. This chip-on-chip security system was previously known as the AMD PSP (Platform Security Processor) and is similar to Intel ME. The AMD Secure Processor is an integrated coprocessor that sits next to the actual AMD64/x86 CPU cores and runs a separate operating system tasked with handling various security-related operations.
The vulnerability discovered in the TPM of the AMD Secure Processor
The vulnerability in the TPM (Trusted Platform Module) of the AMD Secure Processor was found by Cfir Cohen, a security researcher on Google Cloud's security team. The TPM is the component that provides platform integrity, disk encryption and password protection, and that stores critical system data such as passwords, certificates and encryption keys in a secure environment, away from the more easily accessible AMD cores. Cohen says: "Through manual static analysis, we've found a stack-based overflow in the function EKCheckCurrentCert." The researcher claims that an attacker can break the security by using specially crafted EK certificates to get code execution right on the AMD Secure Processor. He also added that basic mitigation techniques such as "stack cookies, NX stack, ASLR" were not implemented in AMD's Secure Processor, making exploitation trivial. Whether the similar TPM module used by Intel ME is affected was not mentioned.

Vulnerability reported to AMD
Google researchers reported the flaw in September, and AMD responded in December that it had developed a patch to fix the problem. Users on Reddit have reported a new option to disable AMD PSP support, but it is unclear whether it is needed.
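To make the class of bug described above concrete, here is an added illustration; it is not AMD's firmware code and not the actual logic of EKCheckCurrentCert, whose internals the report does not describe. It shows a hypothetical parser for a length-prefixed certificate field, first in the unchecked form that produces a stack-based overflow of exactly the kind the researcher found, then hardened with the bounds checks that prevent it. The wire format, the function names and the sample inputs are all constructed for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed wire format for this illustration (not the real EK certificate
 * encoding): a one-byte length followed by that many payload bytes. */
#define FIELD_MAX 16

/* Vulnerable pattern: the length byte comes from the certificate, which the
 * attacker supplies, yet it is used unchecked as the copy size into a fixed
 * stack buffer. A length larger than FIELD_MAX writes past the buffer and
 * over the saved return address; with no stack cookies, NX or ASLR in place,
 * nothing stops that corruption from becoming code execution. Shown for
 * contrast only and never called here. */
int copy_field_unchecked(const uint8_t *cert, size_t cert_len)
{
    uint8_t field[FIELD_MAX];
    if (cert_len < 1)
        return -1;
    size_t len = cert[0];
    memcpy(field, cert + 1, len);   /* no bounds check on len */
    return (int)len;
}

/* Hardened version: validate the claimed length against both the remaining
 * input and the destination capacity before copying. Returns the number of
 * payload bytes copied, or -1 if the field is malformed. */
int copy_field_checked(const uint8_t *cert, size_t cert_len,
                       uint8_t *out, size_t out_cap)
{
    if (cert == NULL || out == NULL || cert_len < 1)
        return -1;
    size_t len = cert[0];
    if (len > cert_len - 1)   /* claims more bytes than the input holds */
        return -1;
    if (len > out_cap)        /* would overflow the destination buffer */
        return -1;
    memcpy(out, cert + 1, len);
    return (int)len;
}

/* Parse a certificate blob into a stack buffer the safe way and report
 * whether it was accepted (1) or rejected (0). */
int field_accepted(const uint8_t *cert, size_t cert_len)
{
    uint8_t field[FIELD_MAX];
    return copy_field_checked(cert, cert_len, field, sizeof field) >= 0;
}

int main(void)
{
    /* Constructed sample inputs. */
    const uint8_t good[] = {4, 'T', 'E', 'S', 'T'};
    const uint8_t lies[] = {200, 'A'};          /* length exceeds the input */
    uint8_t oversize[1 + 64];
    memset(oversize, 'A', sizeof oversize);
    oversize[0] = 64;                            /* length exceeds FIELD_MAX */

    printf("well-formed field accepted: %d\n", field_accepted(good, sizeof good));
    printf("length past end of input accepted: %d\n", field_accepted(lies, sizeof lies));
    printf("length past buffer accepted: %d\n", field_accepted(oversize, sizeof oversize));
    return 0;
}
```

The two checks in copy_field_checked are independent: the first rejects a length that runs past the end of the certificate (an out-of-bounds read), the second rejects a length that runs past the destination (the stack overflow). Mitigations such as stack cookies, NX and ASLR only make an overflow harder to exploit; the bounds check is what removes it.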