Home
Tech info
Technology
Science
Life
Application
Electric
Program
Mobile
Windows 10
Windows 11Serious security flaw discovered in AMD Zen chips
A serious security vulnerability has just been discovered by Google researchers, threatening millions of AMD Zen processors (CPUs) worldwide. This vulnerability can allow hackers to take complete control of the system, causing unpredictable consequences.
The "EntrySign" vulnerability affects all AMD Zen processors from Zen 1 to Zen 4 generations. By exploiting a flaw in AMD's microcode authentication process, an attacker can install custom microcode, changing the CPU's behavior at a fundamental level.
AMD Zen CPUs have dangerous vulnerabilities.
With control of the microcode, hackers can perform many sophisticated attacks, such as modifying the RDRAND instruction to generate fake random numbers, or even installing undetectable malware.
To aid in researching and fixing the vulnerability, Google has released zentool, an open-source 'cracking' toolkit that allows researchers to create, sign, and deploy custom microcode patches on vulnerable CPUs.
AMD responded quickly by releasing microcode updates that replaced the compromised authentication process with a custom secure hash function. Users are advised to update their CPU microcode to the latest version as soon as possible to protect their systems from potential attacks.
The EntrySign vulnerability is a reminder of the importance of ensuring hardware security, especially in the face of increasingly sophisticated cyberattacks.
Kareem WintersYou should read it
- 6 apps make your Instagram Stories even more awesome
- Instructions on how to add FTP, Network Location drives on Windows 7, 8
- Instructions for recovering email sent on Gmail iPhone / iPad
- Gigabyte introduced the dual-core M1005 netbook
- Origin icons on Apple products
- Use BitLocker to encrypt external storage drives - Part 2
- How to set up using a proxy server for Wifi on Android
- How to Build an Accounting Practice
May be interested
- Detecting a serious security vulnerability on macOS, this 18-year-old youth refused to disclose it because Apple did not pay the bonus
linus henze, an 18-year-old german, recently claimed to have discovered a serious security flaw on macos that could expose the machine's storage passwords to malicious applications. - Apple: Security flaw in iPhone's USB-C port is not a concernnew security vulnerability discovered on usb-c controller of iphone 15 and 16, should users worry?
- Cisco security equipment is targeted at DoS attacks through an old vulnerabilitya critical flaw that was successfully discovered and patched in mid-2018 has been reported to reappear on cisco adaptive security (asa) and firepower devices.
- Warning of the risk of businesses being attacked through micro-chips attached to serversaccording to securitybox, a network security company in vietnam, it is possible to penetrate important information systems of businesses, organized through micro chips.
- Chrome and Firefox have a serious security flaw, there is no way to fix itthis security flaw first appeared in february, and was later fixed by google via an update to the google chrome browser. however, this security hole has recently reappeared on chrome 67 and most likely has 'evolved' to be harder to destroy than before.
- Not yet released, but iOS 13 has a security hole that bypasses the lock screenios 13 will launch on september 19, but jose rodriguez, a security researcher, has discovered a flaw that allows hackers to bypass the lock screen on this version of ios.
- Detecting an 8-year-old security flaw, affecting 150 HP printer modelsresearchers have discovered several security vulnerabilities affecting at least 150 models of hp multifunction printers (print, scan, fax).
- Sim vulnerabilities threaten more than 1 billion phones globallyrecently, researchers at adaptivemobile security, based in dublin (usa), have discovered a security vulnerability called simjacker that could use users' own sim phones to track them. .
- Vulnerability detection on TP-Link routers allows an attacker to log in without a passworda serious security flaw affects some archer routers, which could allow potential attackers to control devices over a remote lan via a telnet connection without having to provide confidentiality. administrator password.
- DeepTime is taking advantagea report by websense, a security firm on december 4, said a flaw in quicktime's javascript handling combined with the vulnerability in myspace has inadvertently helped spread a new worm.
Tech info
- Hackers blackmail and force YouTuber to spread cryptocurrency mining malware
- 3 shortcomings that make iPhone 17 Air inferior to competitors
- Bill Gates warns young people about 4 global threats
- Revealing the secret formula behind DeepSeek's huge success
- Microsoft Just Did the Unthinkable with Free Copilot
- Thousands of Android and iOS users hit by new malware
Hackers blackmail and force YouTuber to spread cryptocurrency mining malware
3 shortcomings that make iPhone 17 Air inferior to competitors
Bill Gates warns young people about 4 global threats
Revealing the secret formula behind DeepSeek's huge success
Microsoft Just Did the Unthinkable with Free Copilot
Thousands of Android and iOS users hit by new malware