Google security researchers recently disclosed a vulnerability, named EntrySign, that lets an attacker load microcode patches AMD never signed onto AMD processors from Zen 1 through Zen 4 and thereby run malicious code at the microcode level. AMD has now confirmed that its latest Zen 5 chips are affected as well.

Image Source: TechSpot

The root cause is a flaw in AMD's signature verification for microcode updates, the low-level patches chip makers ship after a processor leaves the factory to fix bugs or vulnerabilities. Microcode is loaded by the system firmware (BIOS/UEFI) or by the operating system early in boot, and the processor is supposed to accept only patches that carry a valid AMD signature. EntrySign lets an attacker who already holds Ring 0 (kernel-level) privileges get a vulnerable processor to accept microcode that AMD did not sign.

Last month, AMD said EntrySign affected the first four Zen generations across its entire product line, from mainstream Ryzen consumer chips to high-end EPYC server processors. This week it updated its security bulletin to confirm that the new Zen 5 chips are vulnerable too: desktop Ryzen 9000 (Granite Ridge), server EPYC 9005 (Turin), mobile Ryzen AI 300 (Strix Halo, Strix Point, and Krackan Point), and the mobile Ryzen 9000HX (Fire Range) parts for high-end gaming laptops.

AMD says it has already supplied the fixed microcode to motherboard vendors in the ComboAM5PI 1.2.0.3c AGESA package. Users should check their motherboard manufacturer's website for a BIOS update that includes it; the fix only takes effect once that BIOS is installed and the new microcode is actually loaded.
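After installing a BIOS update, the practical question is whether the new microcode is actually running on every core. The script below is an added example, not code from the article or from AMD: it parses text in the Linux /proc/cpuinfo format, groups cores by vendor/family/model/stepping, flags cores that disagree on their microcode revision, and compares the lowest revision against a minimum you supply. The sample cpuinfo text is constructed, the revision numbers in it are made up, and the minimum revision is a hypothetical placeholder; the real required revision comes from your board vendor's BIOS release notes for the AGESA update.

```python
"""Report loaded microcode revisions per CPU model from /proc/cpuinfo-style text.

Added example (not from the article or AMD). Assumes the Linux /proc/cpuinfo
layout: one block per logical CPU with "processor", "vendor_id", "cpu family",
"model", "stepping" and "microcode" fields.
"""
import re
from collections import defaultdict

# Constructed sample: two cores of the same part reporting different
# microcode revisions (the hex values are made up for illustration).
SAMPLE_CPUINFO = """\
processor\t: 0
vendor_id\t: AuthenticAMD
cpu family\t: 26
model\t\t: 68
model name\t: AMD Ryzen 9 9950X 16-Core Processor
stepping\t: 0
microcode\t: 0xb404023

processor\t: 1
vendor_id\t: AuthenticAMD
cpu family\t: 26
model\t\t: 68
model name\t: AMD Ryzen 9 9950X 16-Core Processor
stepping\t: 0
microcode\t: 0xb404021
"""


def parse_cpuinfo(text):
    """Split cpuinfo text into one dict of fields per logical CPU."""
    cpus = []
    for block in re.split(r"\n\s*\n", text.strip()):
        fields = {}
        for line in block.splitlines():
            if ":" not in line:
                continue
            key, _, value = line.partition(":")
            fields[key.strip()] = value.strip()
        if "processor" in fields:
            cpus.append(fields)
    return cpus


def revisions_by_model(cpus):
    """Map (vendor, family, model, stepping) -> set of microcode revisions seen."""
    groups = defaultdict(set)
    for cpu in cpus:
        key = (
            cpu.get("vendor_id", "?"),
            int(cpu["cpu family"]),
            int(cpu["model"]),
            int(cpu.get("stepping", 0)),
        )
        groups[key].add(int(cpu["microcode"], 16))
    return dict(groups)


def check_revisions(cpus, minimum):
    """Return a list of findings; an empty list means every core is at or above
    `minimum` and all cores of a given part agree on the loaded revision."""
    findings = []
    for (vendor, family, model, stepping), revs in revisions_by_model(cpus).items():
        label = f"{vendor} family 0x{family:x} model 0x{model:x} stepping {stepping}"
        if len(revs) > 1:
            # Cores of one part should always carry the same patch; a mismatch
            # usually means an early-load or hotplug path skipped some cores.
            findings.append(f"{label}: cores disagree on microcode revision "
                            f"{sorted(hex(r) for r in revs)}")
        low = min(revs)
        if low < minimum:
            findings.append(f"{label}: lowest revision {low:#x} is below "
                            f"required {minimum:#x}")
    return findings


if __name__ == "__main__":
    # Hypothetical minimum; replace with the revision your vendor's BIOS notes list.
    REQUIRED = 0xB404023
    try:
        with open("/proc/cpuinfo") as f:
            text = f.read()
    except OSError:
        text = SAMPLE_CPUINFO
    for finding in check_revisions(parse_cpuinfo(text), REQUIRED) or ["OK"]:
        print(finding)
```

The revision reported in /proc/cpuinfo is whatever is currently loaded, whether it came from the BIOS or from the OS's early microcode loader, so this shows what is active rather than what the firmware image contains. It only confirms that the revision matches what the vendor says carries the fix; it cannot itself prove the signature-check flaw is closed.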

Image Source: AMD

The situation for server processors is a bit more complicated. While AMD has already released fixes for consumer chips and previous-generation EPYC models, updates for the new EPYC 9005 (Turin) parts affected by EntrySign are not expected until later this month.

Note that an attacker needs high privileges (Ring 0) to exploit EntrySign, so on its own it is a post-compromise tool rather than an entry point. Malicious microcode loaded this way also does not survive a reboot: unlike persistent malware, it is gone once the system restarts, although an attacker who keeps kernel-level control could reload it at every boot. The direct risk to ordinary users is therefore relatively low, but in data centers and cloud infrastructure the party holding Ring 0 on a host could turn malicious microcode against the workloads running on it, and that potential is what makes EntrySign a serious issue that AMD and its partners are moving quickly to address.
