Multiple Architectures at Risk from Genbleed Vulnerability: Urgent Microcode Update Required
Security experts have identified a new vulnerability in AMD’s Zen2 series CPUs, posing a significant threat to various architectures. If exploited, this flaw, known as CVE-2023-20593, could result in the unauthorized access and theft of sensitive data, warns prominent security analyst Tarvis Ormandy.
Further research reveals that the trigger for this vulnerability lies within the vzeroupper command’s processing mechanism. Although the rate at which information can be compromised is not alarmingly fast, averaging around 30 kilobytes per second, the potential consequences are grave.
Affected architectures include the Ryzen 3000 series, the Ryzen 4000U/H series, the Ryzen 5000U series, the Ryzen 7020, and the ThreadRipper 3000 series, all of which are based on Zen2 technology. Notably, this vulnerability can be exploited across any operating system, hence its colloquial title, Zenbleed vulnerability.
Addressing the urgency of the situation, Ormandy firmly advises, “If you possess a susceptible CPU, rectify this vulnerability promptly by installing the newly released microcode update provided by AMD.”
As the ramifications of this vulnerability continue to unfold, it is crucial for all users to remain vigilant and promptly implement the necessary security measures to protect their valuable data.
[Image: gettyimagesbank]
(Source: www.boannews.com)
Note: Unauthorized reproduction or redistribution of this content is strictly prohibited.
Many Architectures Threatened by the Genbleed Vulnerability… Microcode Update Needed
Summary: According to foreign press security Bleeping Computer, a new vulnerability was discovered in AMD’s Zen2 series CPUs. Successful exploitation of this vulnerability could lead to the theft of sensitive data, according to security expert Tarvis Ormandy. This vulnerability, CVE-2023-20593, was analyzed to be triggered in the processing of a command called vzeroupper. The speed at which information is dropped is not that fast, staying around 30 kilobytes per second.
[이미지 = gettyimagesbank]
Background: Zen2-based architectures include the Ryzen 3000 series, the Ryzen 4000U/H series, the Ryzen 5000U series, the Ryzen 7020, and the ThreadRipper 3000 series. Any operating system can be exploited, and some call this the Zenbleed vulnerability.
Verbatim: “If you have an affected CPU, it is safe to address the vulnerability through the new microcode update that AMD is distributing.” -Tavis Ormandi-
[국제부 문가용 기자(globoan@boannews.com)]
www.boannews.com ) Unauthorized reproduction – redistribution prohibited >
#Disclosure #Vulnerability #Discovered #AMD #Zen2 #Chipsets
