Apparently there’s a major #vulnerability in #AMD CPUs: “AMD Microcode Signature Verification Vulnerability.”
The vulnerability was leaked by #ASUS in their beta BIOS changelog:
ASUS has since removed this entry from the changelog since it likely broke the embargo. Either way, this is not great as the new firmware is largely not yet available and likely won’t be for a long while.
#infosec #cybersecurity
So what could you do if the microcode signature verification can be bypassed? While not directly applicable, this #defcon presentation “DEF CON 31 - Backdoor in the Core - Altering Intel x86 Instruction Set at Runtime - Krog, Skovsende” gives some ideas: https://www.youtube.com/watch?v=Zda7yMbbW7s