AMD Patches SEV Flaw: Malicious Microcode No Longer Invited

AMD fixed a flaw that allowed hackers to bypass SEV protection and load malicious microcode. This vulnerability, discovered by Google researchers, could have led to compromised CPU operations. AMD’s patch requires a BIOS update and reboot, securing virtual machines from potential threats.

3P
Published: February 4, 2025 3:55 pmAdded: February 5, 2025 at 4:43 amAssembled by: The Editor
Pro Dashboard

Hot Take:

AMD’s CPUs had a brief stint as aspiring magicians, attempting to make your secure VMs disappear—into the hands of hackers! Thankfully, AMD’s new patch ensures their magic show is now strictly a vanishing act for bugs and vulnerabilities.

Key Points:

  • AMD patched a flaw in its Secure Encrypted Virtualization (SEV) that could allow malicious microcode to be loaded.
  • The vulnerability, CVE-2024-56161, had a CVSS score of 7.2, indicating a high severity.
  • Google researchers discovered the flaw and provided proof-of-concept exploits.
  • The patch requires a BIOS update and a system reboot to fully secure systems.
  • The issue affected AMD Zen 1 through Zen 4 CPUs due to improper signature verification.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?