A mysterious lab based out of Israel named CTS-Labs notified AMD of five potential flaws in the Ryzen product line 24 hours before it was disclosed. This is typically done 90 days to give the tech companies a chance to fix any flaws before public disclosure in the interest of not having vulnerabilities publicly disclosed in an amount of time that puts people at risk that use them. In the 90 days investigations can occur, and they can try to have a solution ready for the time public disclosure is released.
Not too long ago the Meltdown and Spectre problems were found that impacted Intel far more than AMD and the required fixes are known in some cases to result in a 50% reduction in efficiency of the processors. That was a normal announcement with patches and plans in place at the time of disclosure. This is not the case with this CTS-Labs exposure.
CTS-Labs registered the website that they put the information on February 22nd, and the graphics level are sufficient on the site to indicate they were aware of the problem for some time. They chose to build up a fancy website and prepare for the announcement rather than notify AMD. Ask yourself, why would they do that?
In addition, to these details CTS-Labs also hired a PR firm to handle incoming requests for information. CTS-Labs was started in 2017, and this is the first report they have released to the public.
This was brought to my attention as I read the following Anandtech article, though I also have reviewed other material which I will provide.
Security Researchers Publish Ryzen Flaws, Gave AMD 24 hours Prior Notice
It is worth reading the updates and comments on that particular article. The tables above are screen captures from that article.
Assassination Attempt on AMD by Viceroy Research & CTS Labs
