The problem is that AMD’s video drivers do not support ASLR (Address Space Layout Randomization). ASLR is one of the methods employed to prevent an attack from grabbing memory space after causing an application crash. If DEP (Data Execution Prevention) and ASLR are combined they can prevent the malicious code from executing after the forced application crash and provide a much higher level of security. This is a big deal now that we are seeing more targeted attacks on corporate, government and infrastructure systems. Microsoft has attempted to combine these two features into a single mitigation platform they call EMET (Exploit Mitigation Experience Toolkit).
Inside EMET are methods to force ASLR and DEP across the entire system regardless of whether software installed on a given system has opted to include these two security features (both are not mandatory).
In most systems DEP and ASLR are implemented in a Per-Application basis and this is ok for many consumer systems, but is not for sensitive use. Microsoft and others are working to move towards the system-wide implementation of DEP and ASLR as they help to mitigate a large range of potential attacks. For those that are interested turning on system-side DEP and ASLR is done through a registry key; do this at your own risk as if you have a driver that does not support this function your system might not boot or run correctly.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\EMET\EnableUnsafeSettings (Value Set to 1)
This means that some companies might forego the use of AMD based systems despite their lower priced points and even better graphical performance. Drivers are of particular concern due to their access to the system kernel. To make things a little worse AMD was notified about this issue back in February of this year and has not implemented it despite releasing four driver updates since then (February was at 12.2 and we are looking at 12.6 now).
We hope that AMD does resolve this and soon as with the ugly specter of state-sponsored cyberattacks coming into play it could affect market acceptance of products using AMD GPUs or APUs which is something that AMD cannot afford to have happen right now.
You can read the CERT Blog entry and Vulnerability Postings to get more information.
Discuss this in our Forum
Friday, 08 June 2012 13:02
US CERT Calls AMD Out For A Security Issue In Their GPU Drivers
Written by Sean KalinichReading time is around minutes.
Ok, you know things are going bad for a product push when you hear that even the US Cyber Emergency Response Team (CERT) has decided to weigh in on security issues surrounding the use of your product. In an unusual move US CERT has released a paper outlining very specific security issues with AMD Video Drivers. This issue would affect their desktop, professional mobile and even APU based drivers.
Latest from Sean Kalinich
- ConnectWise Slash and Grab Flaw Once Again Shows the Value of Input Validation We talk to Huntress About its Impact
- Social Manipulation as a Service – When the Bots on Twitter get their Check marks
- To Release or not to Release a PoC or OST That is the Question
- There was an Important Lesson Learned in the LockBit Takedown and it was Not About Threat Groups
- NetSPI’s Offensive Security Offering Leverages Subject Matter Experts to Enhance Pen Testing