Google researchers uncover critical security flaw in all AMD Zen processors

⁨16⁩ ⁨likes⁩

Submitted ⁨⁨1⁩ ⁨day⁩ ago⁩ by ⁨floofloof@lemmy.ca⁩ to ⁨cybersecurity@infosec.pub⁩

https://www.techspot.com/news/107074-google-researchers-uncover-critical-security-flaw-amd-zen.html

Comments

Sort:hotnew top

thebardingreen@lemmy.starlightkel.xyz ⁨1⁩ ⁨day⁩ ago

The researchers discovered that AMD had been using a publicly available example key from NIST documentation since Zen 1,

lol… sigh…

source
- floofloof@lemmy.ca ⁨1⁩ ⁨day⁩ ago
  Just like all the BIOSes that have turned out to be using example keys called things like TEST ONLY - NOT FOR PRODUCTION, rendering Secure Boot not.
  
  source
cron@feddit.org ⁨1⁩ ⁨day⁩ ago

The researchers discovered that AMD had been using a publicly available example key from NIST documentation since Zen 1, which allowed them to forge signatures and deploy arbitrary microcode modifications.

I wish these sorts of errors were not that common.

source