#zenbleed — Public Fediverse posts

#AMD discloses slew of high severity #security #vulnerabilities for #Zen systems, from the original Zen chips to the latest #Zen4 #CPU, that attacks #BIOS chips, we finally have a #Zenbleed fix. AMD is patching the vulnerabilities through new versions of #AGESA, for #Zen2-based chips, in particular, many of these new AGESAs also patch Zenbleed, including #Epyc #Server chips https://bit.ly/3I1JKds https://www.tomshardware.com/pc-components/cpus/amd-discloses-slew-of-high-severity-security-vulnerabilities-for-zen-chips-that-attack-bios-chips-updates-aim-to-patch-bugs-finally-fix-zenbleed

"🎯 Zenbleed: A Serious Bug in AMD Processors 🐞"

Zenbleed, a silicon-level bug in AMD processors, can be exploited to steal passwords, cryptographic keys, and more. Patch up when you can!

Source: https://nakedsecurity.sophos.com/2023/07/26/zenbleed-how-the-quest-for-cpu-performance-could-put-your-passwords-at-risk/

Tags: #Zenbleed #AMD #ProcessorVulnerability #Cybersecurity #PatchUp 💻🔐

#AMD #Zen2 CPUs were found to be vulnerable to a speculative execution bug called #Zenbleed that allows attackers to leak credentials and break encryption.

The good news is that AMD has issued a microcode update, the bad news is that it's only available for their #Epyc 7002 line. The fix for consumer & workstation Ryzen products containing the Zen2 cores will need to wait for a couple months for the fix.

#infosec #cybersecurity #firmware #HardwareBug

https://arstechnica.com/information-technology/2023/07/encryption-breaking-password-leaking-bug-in-many-amd-cpus-could-take-months-to-fix/

Encryption-breaking, password-leaking bug in many AMD CPUs could take months to fix - Enlarge (credit: AMD)

A recently disclosed bug in many of AMD'... - https://arstechnica.com/?p=1956383 #ryzen53600 #ryzen3000 #ryzen4000 #ryzen5000 #ryzen7000 #security #amdryzen #meltdown #zenbleed #biz⁢ #tech #zen2

Zenbleed: Sicherheitslücke gefährdet Zen-2-Architektur von AMD https://www.computerbase.de/2023-07/zenbleed-sicherheitsluecke-gefaehrdet-zen-2-architektur-von-amd/ #AMD #Zen2 #Sicherheitslücke #Zenbleed

Google Information Security researcher Tavis Ormandy has identified the vulnerability called Zenbleed, present in the entire line of AMD Zen 2 processors, which includes Ryzen 3000, Ryzen 4000, Ryzen 5000, Ryzen 7020, Ryzen Pro 3000 and Ryzen Pro 4000 models.

#AMD #vulnerability #Ryzen #Zen2 #CyberSecurity #data #Zenbleed

https://cybersec84.wordpress.com/2023/07/25/amd-issues-security-advisory-for-zen-2-processors-with-critical-vulnerability/

AMD has released microcode patches to protect Epyc 7002 Rome server chips against the newly discovered Zenbleed vulnerability, but patches for consumer chips with Zen 2 CPU cores won't be ready until later this year. https://www.tomshardware.com/news/zenbleed-bug-allows-data-theft-from-amds-zen-2-processors-patches-released

#AMD #Zen2 #Zenbleed #security

@taviso Well done with the Zenbleed discovery. It seems that AMD only patched the EPYC processor series. Other Zen2 processors still seems fully vulnerable.

In fact, I think AMD didn't want to announce this early at all. BIOS manufacturers don't even have BIOS firmware updates to protect users. Oops!?

#infosec #amd #zen2 #zenbleed #bios #vulnerable