Serious security flaw discovered in AMD Zen chips
A serious security vulnerability has just been discovered by Google researchers, threatening millions of AMD Zen processors (CPUs) worldwide. This vulnerability can allow hackers to take complete control of the system, causing unpredictable consequences.
The "EntrySign" vulnerability affects all AMD Zen processors from Zen 1 to Zen 4 generations. By exploiting a flaw in AMD's microcode authentication process, an attacker can install custom microcode, changing the CPU's behavior at a fundamental level.
AMD Zen CPUs have dangerous vulnerabilities.
With control of the microcode, hackers can perform many sophisticated attacks, such as modifying the RDRAND instruction to generate fake random numbers, or even installing undetectable malware.
To aid in researching and fixing the vulnerability, Google has released zentool, an open-source 'cracking' toolkit that allows researchers to create, sign, and deploy custom microcode patches on vulnerable CPUs.
AMD responded quickly by releasing microcode updates that replaced the compromised authentication process with a custom secure hash function. Users are advised to update their CPU microcode to the latest version as soon as possible to protect their systems from potential attacks.
The EntrySign vulnerability is a reminder of the importance of ensuring hardware security, especially in the face of increasingly sophisticated cyberattacks.
You should read it
- A look at Google's 2018: A year of volatility
- The process of turning 200kg whale hearts into 'plastic hearts' is not decomposed
- 6 apps make your Instagram Stories even more awesome
- Instructions on how to add FTP, Network Location drives on Windows 7, 8
- Instructions for recovering email sent on Gmail iPhone / iPad
- Gigabyte introduced the dual-core M1005 netbook
- Origin icons on Apple products
- Use BitLocker to encrypt external storage drives - Part 2
- How to set up using a proxy server for Wifi on Android
- How to Build an Accounting Practice
- 2020 stimulus check: How to use the $1,200 coming in the mail
- The safest and most secure way to encrypt data
May be interested
Hackers blackmail and force YouTuber to spread cryptocurrency mining malware
3 shortcomings that make iPhone 17 Air inferior to competitors
Bill Gates warns young people about 4 global threats
Revealing the secret formula behind DeepSeek's huge success
Microsoft Just Did the Unthinkable with Free Copilot
Thousands of Android and iOS users hit by new malware