Google, EPYC server and consumer Ryzen Zen 4, including a wide variety of AMD processors announced that the critical vulnerability is perceived. According to Google, GAP allows attackers with the rights of a local manager to control the system using RDRAND instructions to load the malicious patches of the micro code. About it reports Print “3DNNEWS”.
The security vulnerability, which was first reported on September 25, 2023, allows attackers to start malicious software in victims’ virtual machines and access hidden data. This is because the use of non -secure mixed functions when checking the signature signatures of the microcode. This threatens even the protected environment by using the dynamic root of the AMD secure encrypted virtualization technologies (Sev-SNP) and the dynamic root of trust measurement.
The affected processors include EPYC Napoli, Rome, Milan and Genoa, as well as mobile Phoenix. It is assumed that the list of vulnerable models is much wider.
After the AMD notification, the company released the necessary updates for its customers by 17 December 2023. Currently, patches can be reduced to eliminate the vulnerability.
Observing the standard application of the responsible disclosure of information, Google avoided a statement of a public statement to provide enough time to spread AMD’s corrections. After the AMD customers had the opportunity to update their systems, the information was published in Github.
To help users in the future, Google plans to provide more detailed information about the security vulnerability and vehicles for analysis and protection, not March 5, 2024. It is recommended that users upload the latest AMD micro code updates to protect against potential threats.
A lawyer before saidRussian hackers live in the US in the colonies.
What are you thinking?
Source: Gazeta

Jackson Ruhl is a tech and sci-fi expert, who writes for “Social Bites”. He brings his readers the latest news and developments from the world of technology and science fiction.