Multiple Architectures at Risk from Genbleed Vulnerability, Urgent Microcode Update Required
Multiple computer architectures are facing a potential security threat due to the recently discovered Genbleed vulnerability in AMD’s Zen2 series CPUs, as reported by renowned security expert Tarvis Ormandy. Exploiting this vulnerability could result in the compromise of sensitive data. The vulnerability, identified as CVE-2023-20593, is triggered during the execution of a command known as vzeroupper. Notably, the data leakage rate associated with this vulnerability remains relatively moderate, at approximately 30 kilobytes per second.
Affected architectures include the Ryzen 3000 series, the Ryzen 4000U/H series, the Ryzen 5000U series, the Ryzen 7020, and the ThreadRipper 3000 series, all of which are based on the Zen2 design. It is crucial to highlight that this vulnerability, also known as Zenbleed, can potentially exploit any operating system.
To address this critical security concern, it is paramount for users with affected CPUs to promptly apply the microcode update provided by AMD. By doing so, they can mitigate the risks associated with the Genbleed vulnerability. Security expert Tavis Ormandy endorses this solution, affirming that utilizing the microcode update will effectively counter the identified vulnerability.
It is imperative for system owners to remain vigilant and ensure that their devices are protected against potential cyber threats. By promptly employing the microcode update, users can safeguard their sensitive information from exploitation.
Many Architectures Threatened by the Genbleed Vulnerability… Microcode Update Needed
Summary: According to foreign press security Bleeping Computer, a new vulnerability was discovered in AMD’s Zen2 series CPUs. Successful exploitation of this vulnerability could lead to the theft of sensitive data, according to security expert Tarvis Ormandy. This vulnerability, CVE-2023-20593, was analyzed to be triggered in the processing of a command called vzeroupper. The speed at which information is dropped is not that fast, staying around 30 kilobytes per second.
[이미지 = gettyimagesbank]
Background: Zen2-based architectures include the Ryzen 3000 series, the Ryzen 4000U/H series, the Ryzen 5000U series, the Ryzen 7020, and the ThreadRipper 3000 series. Any operating system can be exploited, and some call this the Zenbleed vulnerability.
Verbatim: “If you have an affected CPU, it is safe to address the vulnerability through the new microcode update that AMD is distributing.” -Tavis Ormandi-
[국제부 문가용 기자(globoan@boannews.com)]
www.boannews.com ) Unauthorized reproduction – redistribution prohibited >
#Disclosure #Vulnerability #Discovered #AMD #Zen2 #Chipsets
