Home
Tech info
Technology
Science
Life
Application
Electric
Program
Mobile
Windows 10
Windows 11Serious security vulnerability on AMD CPUs has been patched
Users need to update the microcode patch immediately to ensure security.
AMD has just disclosed information about a serious security vulnerability (CVE-2024-56161) affecting Zen CPUs from 1 to 4. The vulnerability, discovered by researchers at Google, allows attackers with local administrator privileges to load malicious CPU microcode, thereby stealing sensitive information from virtual machines protected by AMD's SEV (Secure Encrypted Virtualization) feature.
Advertisement
Serious security vulnerability on AMD CPUs has been patched Picture 1
Advertisement
AMD patches dangerous vulnerability in Zen CPUs.
SEV is a hardware security technology designed to protect data in virtual machines running on AMD EPYC processors. It works by encrypting each virtual machine's memory with unique keys, preventing unauthorized access from the hypervisor or other virtual machines.
The vulnerability CVE-2024-56161 stems from a signature verification error in the CPU ROM microcode patch loader. An attacker can exploit this bug to disable SEV and steal data from virtual machines.
Although a patch for this vulnerability was released by AMD in mid-December 2024, the company only recently released the information to ensure users have enough time to update.
To address the vulnerability, users will need to update the microcode on all affected platforms. AMD recommends users update the system BIOS image and reboot the device to enable SEV-SNP attestation, which will help verify the mitigation has been applied.
Serious security vulnerability on AMD CPUs has been patched Picture 2
Saved post successfully
You can review saved articles on the Saved Articles page.
Agree
Jessica TannerYou should read it
- 10 common errors in virtualization
- Virtualization realization
- Intel released Microcode for CPU Linux to fix Meltdown and Specter
- What is KVM (Kernel-Based Virtual Machine)?
- What is virtualization? Why should you use this technology?
- VMware patches RCE Spring4Shell vulnerability on a wide range of products
- Apple patched many zero-day bugs in iOS 15.4.1 and macOS 12.3.1 updates
- Security and virtualization
- Use the Virtual Machine Manager to quickly deploy Hyper-V
- Create clone virtual machine for current Windows hard drive
- Microsoft urgently patched zero-day vulnerability after 2 years of refusing to acknowledge it
- VirtualBox and VMware: Which virtual machine software is better?
May be interested
Cryptocurrency-Stealing Malware Suddenly Sneaks Into the App Store
iPhone screenshot reading malware appears for the first time
Malware using machine learning technology, downloaded more than 240,000 times by Android users
Record number of users and messages sent per day via Zalo
After DeepSeek, the tech world is shocked by China's new AI
Apple is about to surprise users with iOS 18.3.1
Tech info
AMD CPUs also have security vulnerabilities that have existed for many years now!
Found an 'unpatchable' flaw in Intel CPUs
Microsoft urgently patched zero-day vulnerability after 2 years of refusing to acknowledge it
A dangerous vulnerability that has existed for 18 years threatens millions of AMD Ryzen and EPYC CPUs
Microsoft silently patched the KRACK WPA2 security hole- AMD patched a series of security holes in the graphics driver for Windows 10
Microsoft silently patched the KRACK WPA2 security hole
AMD patched a series of security holes in the graphics driver for Windows 10