In cybersecurity, AMD is not invincible to security flaws. CTS Labs discovered vulnerabilities in AMD's products. We are dealing with 4 types of flaws:
- Masterkey
- Ryzenfall
- Fallout
- Chimera
They affect the EPYC, Ryzen, Ryzen Pro, and Ryzen Mobile line of processors. The scary fact is all that is needed is an admin account to exploit this vulnerability on an AMD computer, laptop or server. Basically this exploit allows the malware to reside in a trusted security enclave co-processor, so it is a form of advanced persistent threat. The problem is that once the malware is resident inside the chip, there is no actual way current antivirus can detect it.
As of posting, THERE ARE NO KNOWN FIXES TO THESE PROBLEMS. Firmware vulnerabilities such as Masterkey, Ryzenfall and Fallout can take several months to fix. Hardware vulnerabilities such as Chimera cannot be fixed and require a workaround, like with intel's Meltdown and Spectre hardware flaws. Unlike the intel flaws, these issues were not disclosed by the researchers at CTS Labs to AMD first, which has them really pissed. That caught AMD off guard so they are investigating the credibility of these flaws on their end. Awaiting patches.
Suggested Reading:
https://www.digitaltrends.com/computing/amd-ryzenfall-vulnerabilties/