When picking the best CPU and best GPU, you usually weigh things like power, performance, efficiency, and compatibility. Those are all important, of course, but they are not the only metrics to look at. A recent security report by Intel claims that its CPUs and GPUs are more secure than those from rivals AMD and NVIDIA.
The 2024 Intel Product Security Report covers a breadth of topics. While several highlights from the report focus solely on Intel's reaction to security threats, several key points discuss AMD and NVIDIA.
Most notably, AMD claims that AMD CPUs had 4.4 times more firmware vulnerabilities in hardware root-of-trust than Intel. Intel also claims that NVIDIA GPUs only had high-severity vulnerabilities in 2024, and that there were 18 such vulnerabilities. Intel states that its GPUs only had 10 reported issues and that only one was marked as high or severe.
In the root-of-trust category, Intel states that 100% of vulnerabilities affecting its chips were found by internal employees. AMD, in contrast, only found 58% of vulnerabilities internally, leaving 42% to be discovered by external security researchers.
Intel also highlighted that 78 vulnerabilities listed by AMD are marked as "no fix planned."
Below are the key points summarized by Intel:
- 96% of the vulnerabilities addressed by Intel in 2024 were discovered through Intel’s proactive product security assurance efforts.
- 100% of the Intel processor vulnerabilities addressed were discovered through internal security research.
- 53% of the 374 vulnerabilities Intel addressed received a bug bounty payment.
- 84% of the bug bounties paid were in the software category.
- AMD reported 4.4x more firmware vulnerabilities in their hardware root-of-trust than Intel.
- AMD reported 1.8x more firmware vulnerabilities in their confidential computing technologies than Intel.
- In the GPU category, NVIDIA had only high-severity vulnerabilities (18) in 2024.
Within the full report, Intel discusses platform firmware vulnerabilities. The company shared that its "proactive product security assurance efforts resulted in the discovery and mitigation of 94% of platform firmware vulnerabilities." In contrast, AMD only proactively discovered 57% of the platform vulnerabilities that were disclosed last year.
Intel sharing the report may come across as simply mudslinging at its rivals, but there is a consumer benefit to making security reports public. AMD and NVIDIA are now pressured to respond to any vulnerabilities or issues highlighted by Intel. It's common practice in the tech industry to share security reports publicly.
Of course, there are also benefits for Intel in highlighting faults of its competitors, but any good PR that stems from the report is not the sole reason to publish the security findings.
Intel has had a tumultuous past several years. The company just saw its former CEO Pat Gelsinger retire. In Gelsinger's tenure, the company saw a $1.6 billion loss in a single quarter and laid off thousands of employees. Intel Foundry Services has been described by many as "floundering." Intel needs to earn back consumer trust, and good security figures could help.
