Google researchers uncover critical security flaw in all AMD Zen processors

What just happened? A significant vulnerability, known as EntrySign, has been uncovered by Google security researchers, affecting all AMD Zen processors from Zen 1 to Zen 4. This flaw allows attackers with local administrator privileges to bypass AMD's cryptographic verification system and install custom microcode updates on affected CPUs. The vulnerability stems from AMD's use of AES-CMAC as a hash function in its signature verification process, which is a critical cryptographic error. AES-CMAC is designed as a message authentication code, not a secure hash function, making it unsuitable for this purpose. The researchers discovered that AMD had been using a publicly available example key from NIST documentation since Zen 1, which allowed them to forge signatures and deploy arbitrary microcode modifications. These modifications can alter the CPU's behavior at a fundamental level, enabling sophisticated attacks that persist until the next system reboot. For instance, the researchers d ... Read full article.