In recent times, there have been many CPU security vulnerabilities that have affected Intel and AMD processors , especially the former. Some of them are especially important and complicated, as they could affect the security of the user’s own data, so it is normal to have some concern and even fear of them but, to such an extent that it is worth updating the PC or changing platform to avoid them?
Many vulnerabilities are somewhat banal, since they involve having physical access to our computer and it is quite unlikely that a malicious “hacker” will enter our home and access the PC to try to take advantage of it. More serious are the vulnerabilities that allow remote access to our system, since it is precisely these that can affect us most on foot, but so much to be afraid of?
How CPU Vulnerabilities Affect Users
As a general rule, the vulnerabilities of the processors of both Intel and AMD have to do with the internal micro code, and fortunately most of them can be solved with simple firmware updates that, yes, must be developed and launched by manufacturers and that are applied as a general rule through a BIOS update of the motherboard, as it happens with AGESA from AMD without going any further. In other words, for us users have a fairly simple solution.
Some vulnerabilities may allow an external attacker to gain control of a certain part of the PC environment. It is not that they will be able to control our PC as if they were connected by TeamViewer, VNC or Remote Desktop, but they could have access to extract certain data, it depends on what the vulnerability affects.
One of the most serious, for example, allowed access to the ROM of the CSE (Converged Security Engine) of Intel processors, allowing to take control of the device’s security certificates of the machine. It is not that the attacker could access your digital finance certificates , for example, but the trusted certificates of the hardware devices, allowing them to be edited creating errors on the PC, or allowing the installation of malicious software since the CSE did not do so. would block thinking that it comes from a reliable source.
AMD is not sparing either, as all of its processors manufactured between 2011 and 2019 were shown to be vulnerable to attacks known as Collide + Probe and Load + Reload, potentially affecting thousands of users.
It’s a matter of probability
As we said, most vulnerabilities require physical access to the affected machine, a highly unlikely case for the vast majority. On the other hand, do not think that there is a legion of hackers constantly looking for vulnerabilities to try to steal your credit card data (for that they use other much less complicated methods); These vulnerabilities come to light because there are groups of experts in security and ethical hacking that expose them, and what they do is notify the manufacturer itself to fix them in advance, even before making them public.
In other words, it is highly unlikely that even if your processor has one or more vulnerabilities, they will end up affecting you, especially since the first targets of hackers are always companies, since they are the ones that can get the most money.
Does updating or changing the platform solve the problems?
It can be, but only temporarily. Hopelessly over time new vulnerabilities in CPU will continue to appear as it is impossible to create a perfectly secure system. In other words, upgrading or switching platforms may momentarily free you from current known vulnerabilities, but it does not make you immune to future vulnerabilities that come to light over time.
The best method to be relatively protected is to keep an eye on the security patches and updates that both Intel and AMD are taking out in their microcodes, and implement them by updating the BIOS of the motherboard.
