AMD Swiftly Fixes Critical Bug Allowing Hackers to Exploit CPUs with Malicious Microcode Patches. Here is A Quick Look.

  • Home » AMD Swiftly Fixes Critical Bug Allowing Hackers to Exploit CPUs with Malicious Microcode Patches. Here is A Quick Look.
AMD
Featured News Latest News Recommended News Security Technology , , , , ,

AMD Swiftly Fixes Critical Bug Allowing Hackers to Exploit CPUs with Malicious Microcode Patches. Here is A Quick Look.

AMD has released mitigation and firmware updates to address a high-severity vulnerability that could allow hackers to load malicious CPU microcode on unpatched devices. The security flaw, identified as CVE-2024-56161, stems from an improper signature verification weakness in AMD’s CPU ROM microcode patch loader.

Attackers with local administrator privileges can exploit this weakness, leading to the loss of confidentiality and integrity of a confidential guest running under AMD Secure Encrypted Virtualization-Secure Nested Paging (SEV-SNP).

YEDDbAMj7uUnWpGTaT4UMS-1024x576 AMD Swiftly Fixes Critical Bug Allowing Hackers to Exploit CPUs with Malicious Microcode Patches. Here is A Quick Look.

Discovery and Report

Google security researchers discovered and reported the flaw to AMD, demonstrating the ability to craft arbitrary malicious microcode patches on Zen 1 through Zen 4 CPUs. The vulnerability arises because the CPU uses an insecure hash function in the signature validation for microcode updates. This flaw could be exploited by an adversary to compromise confidential computing workloads protected by the newest version of AMD Secure Encrypted Virtualization, SEV-SNP, or to compromise Dynamic Root of Trust Measurement.

AMD’s Mitigation Measures

To address this issue, AMD has provided mitigation requiring a microcode update on all affected platforms. Some platforms also require a SEV firmware update for SEV-SNP attestation, with users needing to update the system BIOS and reboot to enable attestation of the mitigation. Users can confirm that the mitigation has been correctly installed by checking whether the microcode version matches the one listed in AMD’s table.

Cache-Based Side-Channel Attacks

Additionally, AMD has received a report from National Taiwan University detailing cache-based side-channel attacks against Secure Encrypted Virtualization (SEV). These attacks impact data center (1st Gen to 4th Gen AMD EPYC) and embedded (AMD EPYC 3000/7002/7003/9004) processors. AMD advised developers to follow best practices for prime and probe attacks, avoid secret-dependent data whenever possible, and follow guidance regarding Spectre-type attacks.

Importance of Firmware Security

AMD’s swift response to this vulnerability highlights the importance of firmware security. The company has coordinated with its OEM partners to ensure that the necessary updates are distributed and installed promptly. This situation underscores the challenges of managing firmware vulnerabilities and the need for continuous vigilance in the cybersecurity landscape.

Conclusion

In conclusion, AMD’s proactive measures to fix the bug demonstrate its commitment to maintaining the security and integrity of its products. By addressing the vulnerability and providing detailed guidance to users, AMD aims to protect its customers from potential attacks and ensure the continued reliability of its hardware.

You think you have a story worth everyone’s time? SUBMIT A STORY and we will publish it

Share this content:

Tag

Related Posts

Post Comment