It’s not been a great few days for those of us looking to protect our sensitive data from hackers, what with a critical Linux kernel vulnerability being disclosed, a Netgear router Wi-Fi security bypass confirmed, and 3 billion Chrome users being advised to update immediately as high-level vulnerabilities are detected in the web browser client. Now, security researchers working at Google have found a vulnerability in some AMD Zen-based CPUs that would allow a hacker to load malicious CPU microcode resulting in loss of confidentiality and integrity. Here’s what you need to know and do.
A Feb. 3 disclosure from researchers running within the framework of Google’s security team showed a top-level security vulnerability that has an effect on AMD Zen 1 to 4. “This vulnerability allows an adversary with the privileges of local directors to maliciously upload microcode fixes,” Google Elite warned the hackers. They then described how they were able to manufacture arbitrary solutions of malicious microcode of thank you to the CPUs in query that employs a lack of trust in the lack of trust in signature validation for microcode updates. “This vulnerability can be used through an opponent to compromise sensitive IT workloads protected through the most recent edition of secure AMD encrypted virtualization,” the disclosure concluded, “or to compromise the dynamic root of trust measurement. “
Google said it contacted AMD on September 25, 2024, to disclose the effects of the paints on this zen vulnerability, and “AMD provided an embargo fix to its customers,” on December 17, 2024. “Coordinating with AMD,” the “Google Safety Safety” team noted, “We have made an exclusive exception to our policy to disclose the vulnerability popular and behind public disclosure through February 3” The opportunity to protect themselves and their devices.
In a security advisory, AMD said it had made a mitigation requiring a microcode update on all affected platforms. In addition, a firmware update is a secure platform. “Updating the system BIOS prompt and restarting the platform will allow for a dimming certificate,” AMD added. Zen CPU users are invited to consult their OEM for biological BIOS updates that have those vulnerability fixes included.
A community. Many voices. Create a slack count to keep your thoughts down.
Our network is to attach other people through open and thoughtful conversations. We need our readers to make their revisions and exchange concepts and facts in one space.
In order to do so, please follow the posting rules in our site’s Terms of Service. We’ve summarized some of those key rules below. Simply put, keep it civil.
Your message will be rejected if we realize that it turns out to contain:
User accounts will be blocked if we become aware or that users are compromised:
So how can you be a difficult user?
Thanks for reading our network directives. Read the complete list of publication regulations discovered the situations of use of our site.