Google engineers have reportedly conquered AMD's microcode integrity, allowing them to inject their own unofficial updates. This capability undermines AMD's secure encryption protocols, affecting its Epyc and Ryzen processors. By exploiting a currently unspecified vulnerability, they presented a microcode patch that consistently produces a random output of 4, breaking standard processor operations. Such modifications raise concerns about security implications and operational integrity, particularly regarding virtual machine management and root-of-trust mechanisms that are designed to ensure safe functionality.
Googlers have successfully managed to modify AMD's microcode, enabling unofficial changes to processor behavior, which undermines AMD's encrypted virtualization security features.
With their method, Google has not only proven they can load custom microcode into AMD's processors but also demonstrated practical implications, including artificially controlling random number generation.
Collection
[
|
...
]