Cyber Defense

Critical AMD Security Update Blocks CPU Hijacking Vulnerability

ClickControl

Author

February 06, 2025

Published

Reading

Critical AMD Security Update Blocks CPU Hijacking Vulnerability

AMD Addresses Critical CPU Security Vulnerability

AMD has released critical security updates to patch a high-severity vulnerability (CVE-2024-56161) affecting multiple processor generations. The flaw, discovered by Google’s Security Team, stems from an improper signature verification in AMD’s CPU ROM microcode patch loader.

Impact and Technical Details:
– Affects AMD processors from Zen 1 through Zen 4 architectures
– Compromises AMD’s Secure Encrypted Virtualization-Secure Nested Paging (SEV-SNP)
– Enables attackers with local admin privileges to execute malicious microcode
– Impacts data confidentiality and integrity in secure environments

Affected Processors:
– EPYC 7001 Series (Naples)
– EPYC 7002 Series (Rome)
– EPYC 7003 Series (Milan/Milan-X)
– EPYC 9004 Series (Genoa/Genoa-X/Bergamo/Siena)

Mitigation Steps:
1. Install the latest microcode update
2. Update SEV firmware where required
3. Update system BIOS
4. Perform system reboot
5. Verify microcode version matches AMD’s specifications

Additional Security Concern:
A separate report from National Taiwan University identified cache-based side-channel attacks affecting AMD’s SEV implementation across multiple EPYC processor generations. AMD recommends implementing constant-time algorithms and following Spectre-attack mitigation guidelines.

Users are strongly advised to apply these security updates promptly to protect against potential exploits and maintain system security.

Keywords: AMD security vulnerability, CPU microcode patch, EPYC processor security, SEV-SNP vulnerability, AMD Zen architecture, AMD security updates

Share This Article