AMD Auto-Updater Downloads Drivers Over Insecure Connection
An independent researcher known only as Paul reported in 2026 that AMD's Windows driver auto-updater downloads eligible updates over insecure HTTP connections, according to an archived blog post later temporarily taken down. The method could allow attackers on the network or intermediaries to intercept and modify driver packages, potentially installing malware with administrator privileges; AMD has not publicly confirmed the report.
Scoring Rationale
Documented supply-chain vulnerability creates direct operational risk and mitigations, but single-source reporting and pending vendor confirmation limit certainty.
Practice with real Ride-Hailing data
90 SQL & Python problems · 15 industry datasets
250 free problems · No credit card
See all Ride-Hailing problemsStep-by-step roadmaps from zero to job-ready — curated courses, salary data, and the exact learning order that gets you hired.
Sources
- Read OriginalSecurity researcher says AMD auto-updater downloads software insecurely, enabling remote code execution — company rep reportedly said man-in-the-middle attacks are "out of scope," ignored bugtomshardware.com
