News AMD patches a critical microcode vulnerability affecting Zen 1 to Zen 4 EPYC CPUs

[Admin]

A key AMD microcode vulnerability impacting Epyc CPUs has been fixed.

AMD patches a critical microcode vulnerability affecting Zen 1 to Zen 4 EPYC CPUs : Read more

 

[edzieba]

This is an "It's much, MUCH worse than you thought" vulnerability.
The article skips over the main impact of this vulnerability, which is to allow arbitrary microcode installation. The researchers proof-of-concept was to make RDRAND always return "4", which would render all encryption on that CPU trivially breakable.
And because its microcode, it's resident in the CPU rather than an exploit that needs to be run at the target's premises. A bad actor could buy up a pile of CPUs, install a custom malicious microcode onto them, and then resell them - or worse, return them with a fake seal to a major distributor (e.g. Amazon) and flood the supply chain with trojan horses. And because the fix is itself a microcode update, every single CPU that has not installed the most recent microcode update (e.g. basically every CPU still in stock for sale today) is vulnerable out of the box, and the first feature I'd add to my malicious custom microcode would be a function to look for attempted microcode updates, not apply them, then report the update being applied successfully and increment the version number reported to the host.