Security researchers have uncovered a critical vulnerability in AMD Zen CPUs that allows attackers with elevated privileges to load malicious microcode patches, bypassing cryptographic signature checks. Dubbed “EntrySign,” this flaw stems from AMD’s use of the AES-CMAC algorithm as a hash function during microcode validation—a design decision that enables collision attacks and signature forgery. Microcode […]
The post AMD Microcode Signature Verification Vulnerability Let Attackers Load Malicious Patches appeared first on Cyber Security News.
This article has been indexed from Cyber Security News