[UPDATE 12:10 AM Wednesday, March 14, 2018 Eastern Time (ET)]



Based on the latest available information, wccftech.com now believes that the publication of a whitepaper by CTS Labs regarding 13 alleged security issues with AMD processors this past Tuesday morning may have been financially motivated and linked to illegal AMD stock manipulation activity.

CTS Labs gave AMD and other parties involved only 24 hours to respond to its claims, whilst the researchers that discovered the Meltdown and Spectre vulnerabilities last year gave the industry 6 months to find solutions and develop workarounds.

CTS Labs has also explicitly declared potential financial interest in the companies they research, and so far they have published only one research report involving one company, AMD.

CTS Labs has issued the following disclaimer

"Although we have a good faith belief in our analysis and believe it to be objective and unbiased, you are advised that we may have, either directly or indirectly, an economic interest in the performance of the securities of the companies whose products are the subject of our reports"

Additionally, mere minutes after the the publication of the CTS Labs whitepaper yesterday morning we saw Viceroy Research, a company currently under investigation by the SEC for illegal market activities as well as an infamous stock shorter, publish their own multi-page report calling for AMD to cease sale of all its latest CPU products, declaring a $0 price target on the stock and warning of "imminent bankruptcy".

Suffice to say we thought that the situation surrounding these security flaws was dubious to say the least at first glance, but also believed there was some merit to some of the exploits reported. Since then we've learned that the majority of the alleged "fatal security flaws" reported require administrative privileges and in many cases even require the user to actively flash their BIOS with an unsigned file containing malicious code.

None of which is required for Meltdown and Spectre and something we believe is unrealistic in a real-world setting. Furthermore, none of the security issues can penetrate into kernel memory. and kernel memory, again unlike Spectre or Meltdown.

As such, we believe the report was both exaggerated and misleading and we'd urge caution surrounding any future reports from this self-proclaimed security research company.

You will find the original article as published on Tuesday morning below.