AMD驱动更新器曝高危MITM漏洞，HTTP下载致远程代码执行风险

DoNews

Feb 07

2026年2月7日，安全研究员保罗发现AMD Windows驱动自动更新程序存在高危安全漏洞。该程序在下载驱动包时使用未加密HTTP连接，攻击者可通过劫持ati.com域名实施中间人攻击，利用更新进程的管理员权限执行恶意代码。漏洞已提交AMD，但官方以“MITM不在修复范围内”为由暂不处理。保罗通过逆向分析确认，更新列表虽经HTTPS获取，但实际下载链接为HTTP，且相关逻辑或可追溯至2017年。...

Source Link

Disclaimer: Investing carries risk. This is not financial advice. The above content should not be regarded as an offer, recommendation, or solicitation on acquiring or disposing of any financial products, any associated discussions, comments, or posts by author or other users should not be considered as such either. It is solely for general information purpose only, which does not consider your own investment objectives, financial situations or needs. TTM assumes no responsibility or warranty for the accuracy and completeness of the information, investors should do their own research and may seek professional advice before investing.

Most Discussed

{"basename":"","ssrTDKData":{"titleTemplate":"%s - Tiger Brokers","title":"Tiger Brokers | Global Stocks, Options & Futures Trading App","description":"Tiger Brokers, one-stop investment in US stocks, SGX stocks, HK stocks, A-shares & other global assets. One of the best stock trading platforms in Singapore.","keywords":"tiger brokers,tiger trade,tiger brokers singapore,broker online,stock trading in singapore,share trading singapore,brokerage firm singapore,trading app,stock broker singapore,stock trading platforms,trading account","social":{"ogDescription":"Tiger Brokers, one-stop investment in US stocks, SGX stocks, HK stocks, A-shares & other global assets. One of the best stock trading platforms in Singapore.","ogImage":"https://c1.itigergrowtha.com/portal5/static/media/og-logo.be62fbe1.png","ogUrl":"https://www.itiger.com/news/2609400465"},"companyName":"Tiger Brokers"},"pageData":{"isMobile":false,"isTiger":false,"isTTM":true,"region":"SGP","license":"TBSG","edition":"fundamental"},"isCrawlerRequest":true,"__swrFallback__":{"@#url:\"https://stock-news.skytigris.cn/v3/news\",params:#id:\"2609400465\",edition:\"fundamental\",auth_exemption:1,,,undefined,":{"share":"https://ttm.financial/m/news/2609400465?lang=en_US&edition=fundamental","thumbnail":"","is_english":false,"pubTime":"2026-02-07 22:37","share_image_url":"https://static.laohu8.com/9a95c1376e76363c1401fee7d3717173","id":"2609400465","market":"us","top_or_hot":-1,"title":"AMD驱动更新器曝高危MITM漏洞，HTTP下载致远程代码执行风险","media":"DoNews","content":"<div>\n<p>2026年2月7日，安全研究员保罗发现AMD Windows驱动自动更新程序存在高危安全漏洞。该程序在下载驱动包时使用未加密HTTP连接，攻击者可通过劫持ati.com域名实施中间人攻击，利用更新进程的管理员权限执行恶意代码。漏洞已提交AMD，但官方以“MITM不在修复范围内”为由暂不处理。保罗通过逆向分析确认，更新列表虽经HTTPS获取，但实际下载链接为HTTP，且相关逻辑或可追溯至2017年。...</p>\n\n<a href=\"http://gu.qq.com/resources/shy/news/detail-v2/index.html#/?id=nesSN20260207223815a4885d14&s=b\">Source Link</a>\n\n</div>\n","source":"tencent","html":"<!DOCTYPE html>\n<html>\n<head>\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=utf-8\" />\n<meta name=\"viewport\" content=\"width=device-width,initial-scale=1.0,minimum-scale=1.0,maximum-scale=1.0,user-scalable=no\"/>\n<meta name=\"format-detection\" content=\"telephone=no,email=no,address=no\" />\n<title>AMD驱动更新器曝高危MITM漏洞，HTTP下载致远程代码执行风险</title>\n<style type=\"text/css\">\na,abbr,acronym,address,applet,article,aside,audio,b,big,blockquote,body,canvas,caption,center,cite,code,dd,del,details,dfn,div,dl,dt,\nem,embed,fieldset,figcaption,figure,footer,form,h1,h2,h3,h4,h5,h6,header,hgroup,html,i,iframe,img,ins,kbd,label,legend,li,mark,menu,nav,\nobject,ol,output,p,pre,q,ruby,s,samp,section,small,span,strike,strong,sub,summary,sup,table,tbody,td,tfoot,th,thead,time,tr,tt,u,ul,var,video{ font:inherit;margin:0;padding:0;vertical-align:baseline;border:0 }\nbody{ font-size:16px; line-height:1.5; color:#999; background:transparent; }\n.wrapper{ overflow:hidden;word-break:break-all;padding:10px; }\nh1,h2{ font-weight:normal; line-height:1.35; margin-bottom:.6em; }\nh3,h4,h5,h6{ line-height:1.35; margin-bottom:1em; }\nh1{ font-size:24px; }\nh2{ font-size:20px; }\nh3{ font-size:18px; }\nh4{ font-size:16px; }\nh5{ font-size:14px; }\nh6{ font-size:12px; }\np,ul,ol,blockquote,dl,table{ margin:1.2em 0; }\nul,ol{ margin-left:2em; }\nul{ list-style:disc; }\nol{ list-style:decimal; }\nli,li p{ margin:10px 0;}\nimg{ max-width:100%;display:block;margin:0 auto 1em; }\nblockquote{ color:#B5B2B1; border-left:3px solid #aaa; padding:1em; }\nstrong,b{font-weight:bold;}\nem,i{font-style:italic;}\ntable{ width:100%;border-collapse:collapse;border-spacing:1px;margin:1em 0;font-size:.9em; }\nth,td{ padding:5px;text-align:left;border:1px solid #aaa; }\nth{ font-weight:bold;background:#5d5d5d; }\n.symbol-link{font-weight:bold;}\n/* header{ border-bottom:1px solid #494756; } */\n.title{ margin:0 0 8px;line-height:1.3;color:#ddd; }\n.meta {color:#5e5c6d;font-size:13px;margin:0 0 .5em; }\na{text-decoration:none; color:#2a4b87;}\n.meta .head { display: inline-block; overflow: hidden}\n.head .h-thumb { width: 30px; height: 30px; margin: 0; padding: 0; border-radius: 50%; float: left;}\n.head .h-content { margin: 0; padding: 0 0 0 9px; float: left;}\n.head .h-name {font-size: 13px; color: #eee; margin: 0;}\n.head .h-time {font-size: 11px; color: #7E829C; margin: 0;line-height: 11px;}\n.small {font-size: 12.5px; display: inline-block; transform: scale(0.9); -webkit-transform: scale(0.9); transform-origin: left; -webkit-transform-origin: left;}\n.smaller {font-size: 12.5px; display: inline-block; transform: scale(0.8); -webkit-transform: scale(0.8); transform-origin: left; -webkit-transform-origin: left;}\n.bt-text {font-size: 12px;margin: 1.5em 0 0 0}\n.bt-text p {margin: 0}\n</style>\n</head>\n<body>\n<div class=\"wrapper\">\n<header>\n<h2 class=\"title\">\nAMD驱动更新器曝高危MITM漏洞，HTTP下载致远程代码执行风险\n</h2>\n\n<h4 class=\"meta\">\n\n\n2026-02-07 22:37 北京时间&nbsp;&nbsp;&nbsp;<a href=http://gu.qq.com/resources/shy/news/detail-v2/index.html#/?id=nesSN20260207223815a4885d14&s=b><strong>DoNews</strong></a>\n\n\n</h4>\n\n</header>\n<article>\n<div>\n<p>2026年2月7日，安全研究员保罗发现AMD Windows驱动自动更新程序存在高危安全漏洞。该程序在下载驱动包时使用未加密HTTP连接，攻击者可通过劫持ati.com域名实施中间人攻击，利用更新进程的管理员权限执行恶意代码。漏洞已提交AMD，但官方以“MITM不在修复范围内”为由暂不处理。保罗通过逆向分析确认，更新列表虽经HTTPS获取，但实际下载链接为HTTP，且相关逻辑或可追溯至2017年。...</p>\n\n<a href=\"http://gu.qq.com/resources/shy/news/detail-v2/index.html#/?id=nesSN20260207223815a4885d14&s=b\">Source Link</a>\n\n</div>\n\n\n</article>\n</div>\n</body>\n</html>\n","isBrief":false,"type":0,"news_type":1,"symbol":"AMDD","symbol_name":"1倍做空AMD ETF-Direxion","start_time":0,"source_url":"http://gu.qq.com/resources/shy/news/detail-v2/index.html#/?id=nesSN20260207223815a4885d14&s=b","article_id":"2609400465","we_media_id":null,"thumbnails":[],"rights":{"source":"tencent","url":"http://gu.qq.com/resources/shy/news/detail-v2/index.html#/?id=nesSN20260207223815a4885d14&s=b","rn_cache_url":null,"customStyle":"body{padding-top:10px;}#news_title{font-weight:bold;#titleStyle#;}#news_description span{font-size:12px;#descriptionStyle#;}.footer-note{#statement#}","selectors":".mod-LoadTzbdNews, body","filters":".relate-stock, .hot-list, .recom-box, .wx-sou","directOrigin":true},"url":"https://stock-news.laohu8.com/highlight/detail?id=2609400465","pubTimestamp":1770475022,"columns":[],"sourceInfo":{"source_id":"tencent","name":"腾讯"},"weMediaInfo":null,"summary":"2026年2月7日，安全研究员保罗发现AMD Windows驱动自动更新程序存在高危安全漏洞。该程序在下载驱动包时使用未加密HTTP连接，攻击者可通过劫持ati.com域名实施中间人攻击，利用更新进程的管理员权限执行恶意代码。漏洞已提交AMD，但官方以“MITM不在修复范围内”为由暂不处理。保罗通过逆向分析确认，更新列表虽经HTTPS获取，但实际下载链接为HTTP，且相关逻辑或可追溯至2017年。目前AMD尚未公开回应，保罗原博客文章亦因外部请求临时下架。","collect":0,"end_time":0,"defaultTopTitle":"qq.com","property":[],"viewcount":null,"language":"zh","relate_stocks":{"AMDD":"1倍做空AMD ETF-Direxion","AMYY":"GraniteShares YieldBOOST AMD ETF","LU2355687059.USD":"NORDEA 1 GLOBAL IMPACT  \"BP\" (USD) ACC","IE0009356076.USD":"JANUS HENDERSON GLOBAL TECHNOLOGY AND INNOVATION \"A2\" (USD) ACC","LU2931357623.SGD":"MANULIFE GF GLOBAL SEMICONDUCTOR OPPORTUNITIES \"AA\" (SGDHDG) ACC","LU0719512351.SGD":"JPMorgan Funds - US Technology A (acc) SGD","BK4554":"元宇宙及AR概念","LU1803068979.SGD":"FTIF - Franklin Technology A (acc) SGD-H1","BK4532":"文艺复兴科技持仓","BK4512":"苹果概念","AMDG":"2倍做多AMD ETF- Leverage Shares","LU1923623000.USD":"Natixis Thematics AI & Robotics Fund R/A USD","LU0979878070.USD":"FULLERTON LUX FUNDS - ASIA ABSOLUTE ALPHA \"A\" (USD) ACC","LU0274383776.USD":"MANULIFE GF US SMALL CAP EQUITY \"AA\" (USD) INC","LU1989764664.SGD":"CPR Invest - Global Disruptive Opportunities A2 Acc SGD-H","BK4543":"AI","IE00BMPRXR70.SGD":"Neuberger Berman 5G Connectivity A Acc SGD-H","AMD":"美国超微公司","IE00BMPRXN33.USD":"NEUBERGER BERMAN 5G CONNECTIVITY \"A\" (USD) ACC","AMDL":"2倍做多AMD ETF-GraniteShares","BK4534":"瑞士信贷持仓","BK4585":"ETF&股票定投概念","LU0081259029.USD":"UBS (LUX) EQUITY FUND - TECH OPPORTUNITY \"P\" (USD) ACC","BK4141":"半导体产品","LU0198837287.USD":"UBS (LUX) EQUITY SICAV - USA GROWTH \"P\" (USD) ACC","LU2089985449.USD":"MANULIFE GF GLOBAL SEMICONDUCTOR OPPORTUNITIES \"AA\" (USD) ACC","LU2360106780.USD":"BGF WORLD TECHNOLOGY \"A4\" (USD) INC","LU1861559042.SGD":"日兴方舟颠覆性创新基金B SGD","BK4529":"IDC概念","BK4575":"芯片概念","LU2264538146.SGD":"Fullerton Lux Funds - Global Absolute Alpha A Acc SGD","DAMD":"2倍做空AMD ETF-Defiance","BK4566":"资本集团","LU0889565833.HKD":"FRANKLIN TECHNOLOGY \"A\" (HKD) ACC","AMDU":"Defiance Leveraged Long + Income AMD ETF","LU0056508442.USD":"贝莱德世界科技基金A2","LU0823421333.USD":"BNP PARIBAS DISRUPTIVE TECHNOLOGY \"C\" (USD) ACC","LU2054465674.USD":"UBS (LUX) KEY SELEC SICAV DIGITAL TRANSFORMATION T \"P\" (USD) ACC","LU0390134368.USD":"FRANKLIN GLOBAL GROWTH \"A\" (USD) ACC","LU1303367103.USD":"摩根大通多经理另类基金 A (acc)","LU1242518857.USD":"FULLERTON LUX FUNDS - ASIA ABSOLUTE ALPHA \"I\" (USD) ACC","LU1316542783.SGD":"Janus Henderson Horizon Global Technology Leaders A2 SGD","AMDW":"Roundhill AMD WeeklyPay ETF","BK4612":"AI芯片","LU0823421416.USD":"BNP PARIBAS DISRUPTIVE TECHNOLOGY \"C\" (USD) INC","LU2098885051.SGD":"JPMorgan Funds - Multi-Manager Alternatives A (acc) SGD","LU1852331112.SGD":"Blackrock World Technology Fund A2 SGD-H","BK4614":"Manus概念股","AMDY":"AMD期权收益策略ETF-YieldMax","LU2458330169.SGD":"FRANKLIN SHARIAH TECHNOLOGY \"A\" (SGD) ACC","BK4588":"碎股","LU1880398471.USD":"AMUNDI FUNDS GLOBAL EQUITY \"A2\" (USD) ACC","BK4605":"半导体精选","LU0127658192.USD":"EASTSPRING INVESTMENTS GLOBAL TECHNOLOGY \"A\" (USD) ACC","LU1880398554.USD":"AMUNDI FUNDS GLOBAL EQUITY \"A2\" (USD) INC","LU1064131342.USD":"Fullerton Lux Funds - Global Absolute Alpha A Acc USD","IE0004445239.USD":"JANUS HENDERSON US FORTY \"A2\" (USD) ACC","BK4573":"虚拟现实","LU0109392836.USD":"富兰克林科技股A","LU0082616367.USD":"摩根大通美国科技A（dist）","LU1861558580.USD":"日兴方舟颠覆性创新基金B","LU0823434583.USD":"BNP PARIBAS US GROWTH \"C\" (USD) ACC","LU2250418816.HKD":"BGF WORLD TECHNOLOGY \"A\" (HKD) ACC","IE00B5949003.HKD":"JANUS HENDERSON GLOBAL TECHNOLOGY AND INNOVATION \"A\" (HKD) ACC","LU0642271901.SGD":"Janus Henderson Horizon Global Technology Leaders A2 SGD-H","LU1988902786.USD":"FULLERTON LUX FUNDS GLOBAL ABSOLUTE ALPHA \"I\" (USD) ACC","LU1951198990.SGD":"Natixis Thematics AI & Robotics Fund H-R/A SGD-H","LU0823434740.USD":"BNP PARIBAS US GROWTH \"C\" (USD) INC","AMUU":"2倍做多AMD ETF-Direxion","LU2458330243.SGD":"FRANKLIN SHARIAH TECHNOLOGY \"A-H1\" (SGDHDG) ACC","LU1951200564.SGD":"Natixis Thematics AI & Robotics Fund R/A SGD","LU1242518931.SGD":"Fullerton Lux Funds - Asia Absolute Alpha A Acc SGD"},"translate_title":"AMD driver updater exposes high-risk MITM vulnerability, HTTP download causes remote code execution risk","themeId":null,"isJumpTheme":false,"ttsUrl":null,"symbols_score_info":{"AMYY":0.6,"AMDD":0.6,"AMDG":0.6,"AMDU":0.6,"DAMD":0.6,"AMUU":0.6,"AMDW":0.6,"AMDY":0.6,"AMD":1.91,"AMDL":0.6},"content_text":"2026年2月7日，安全研究员保罗发现AMD Windows驱动自动更新程序存在高危安全漏洞。该程序在下载驱动包时使用未加密HTTP连接，攻击者可通过劫持ati.com域名实施中间人攻击，利用更新进程的管理员权限执行恶意代码。漏洞已提交AMD，但官方以“MITM不在修复范围内”为由暂不处理。保罗通过逆向分析确认，更新列表虽经HTTPS获取，但实际下载链接为HTTP，且相关逻辑或可追溯至2017年。目前AMD尚未公开回应，保罗原博客文章亦因外部请求临时下架。","kind":"news","is_publish_news":true,"is_publish_highlight":false,"is_publish_live":false,"is_publish_wemedia":null,"editions":null,"column":"","sentiment":"0","news_tag":"policyRegulatory","news_rank":0,"symbols":[],"gpt_button":0,"need_auth":false,"code":"91000000","status":"200"}}}