A DRAM attack originally afflicting Intel and Arm processors can now target AMD CPUs. Fortunately, the hack is purely theoretical currently, but its creators say that it could easily crop up in the real world.
As noted by Bleeping Computer, the attack was discovered by researchers at ETH Zurich university. AMD was previously more protected against the known Rowhammer vulnerability because of the way it handles Dynamic Random Access Memory (DRAM). The newly developed ZenHammer variant, however, is much more effective against the brand.
Working in much the same way as its predecessor, the exploit revolves around manipulating data within DRAM. The attack does this through repeatedly accessing specific rows of memory cells, which is a technique known as “hammering.” Doing this enough can change bits from 1 to 0 or vice versa, thus altering the stored information. Bleeping Computer calls this “bit flipping.”
How can this affect you? Bad actors could use the method to get hold of cryptographic keys that unlock sensitive information or even escalate privileges to gain control of your device.
Testing the three most recent architectures, AMD Zen 2 is the most vulnerable, succumbing to hacks 70% of the time. Zen 3 fared a little better, with a 60% failure rate. Trending in the right direction, Zen 4 is the most secure by far, only tripping up in 10% of the experiments.
This is largely thanks to the jump from DDR4 to DDR5. The newer standard not only features mitigations, but also improved “on-die error correction code (ECC) and a higher refresh rate (32ms).”
Short of upgrading your PC, the only defence you have is to keep up with system updates. AMD will regularly update software and firmware to ease the issue. In fact, Team Red is currently investigating ZenHammer and has proposed ways you can protect yourself. This isn’t Ryzen’s first rodeo, so we’re hopeful the company is hot on the heels of a fix. In the meantime, rest assured that it’s not easy to pull off attacks like this.