AMD Warns of New Side-Channel Attack, Offers Security Updates
Key Points
- AMD reveals a new vulnerability (TSA) similar to past cyber threats, affecting its processors, including key server models.
- The flaw lets attackers steal data from high-security systems (like kernel memory) but requires complex steps and local access.
- Firmware and OS updates are available to protect users, with AMD urging customers to contact OEMs and follow OS guidance.
AMD has warned users about a newly identified side-channel attack it calls Transient Scheduler Attack (TSA), a security risk related to advanced CPU design flaws. This vulnerability is linked to older, severe breaches like Meltdown and Spectre (2018), which allowed hackers to bypass hardware protections and steal data.
The TSA bug impacts all AMD processors, from desktop PCs to mobile devices and server hardware, with 3rd and 4th generation Epyc processors—widely used in cloud computing and data centers—for being particularly at risk. These chips are essential for companies like Microsoft and Azure, as they underpin many back-end systems. While TSA shares similarities with past attacks, it highlights a unique weakness in AMD’s CPU core design, meaning it only affects AMD hardware. Intel and Arm chips are not targeted here.
AMD explained that TSA has two variants: TSA-L1, which steals data from the L1 cache (a fast CPU memory area), and TSA-SQ, which targets the store queue (a component that handles data writes before full memory access). The store queue issue is especially concerning, as it could allow attackers to extract sensitive information from operating systems or virtual machines (used in cloud platforms like Azure). However, AMD downplays the immediate threat, rating four parts of the flaw as medium or low severity.
Why the lower concern? A successful TSA attack would require a hacker to:
- Have local access to the target machine (e.g., physical or remote control via other vulnerabilities).
- Run arbitrary malicious code on the device.
- Execute the attack repeatedly to extract usable data.
These steps make real-world exploitation unlikely, especially for large-scale systems like Windows Server or Microsoft Azure, where strict network and hardware security already limit access. Still, data could theoretically leak from the OS kernel or between virtual machines in cloud environments, a risk for businesses relying on AMD-based infrastructure.
To address this, AMD is releasing Platform Initialization (PI) firmware updates to original equipment manufacturers (OEMs) and motherboard makers. Users are advised to contact their OEM for specific BIOS patches tailored to their hardware. Additionally, AMD recommends working with operating system vendors (like Microsoft) to enable software-level fixes. Both measures aim to disable the speculative execution features that TSA exploits, though they may slightly reduce CPU performance.
The discovery of TSA came after AMD investigated a Microsoft report about microarchitectural leaks—tiny design gaps in CPU architecture that let programs siphon data through indirect channels. While Microsoft and AMD collaborated on the TSA analysis, the vulnerability is not tied directly to Windows itself but to the processors it uses in servers and cloud systems. This underscores the importance for Windows Server users and Azure customers to stay updated, as even minor hardware flaws can ripple through software ecosystems.
For now, the threat is more about being aware and proactive than panicking. “We recommend applying the available mitigations as a precaution,” an AMD spokesperson added in its advisory. With cloud computing and data centers increasingly relying on AMD chips, staying ahead of such vulnerabilities is critical for Microsoft, Azure, and other tech providers. Companies are urged to monitor updates from their PC or server vendors and ensure their OS settings align with the latest security protocols.
TSA updates from AMD are available through partners like HP, Dell, and Lenovo. Meanwhile, Microsoft Windows and Azure teams are expected to refine their guidance for users. As with past CPU flaws, this serves as a reminder that while modern processors are powerful, their deep architectural features can become unexpected security challenges.
Read the rest: Source Link
Don’t forget to check our list of Cheap Windows VPS Hosting providers, How to get Windows Server 2022, Try Windows 11 Pro for Workstations & browse Windows Azure content.
Remember to like our facebook and follow us on twitter @WindowsMode.