CyberSecurityBoard
Sponsor Register Login

AMD Microcode Signature Verification Vulnerability Let Attackers Load Malicious Patches

Security researchers have uncovered a critical vulnerability in AMD Zen CPUs that allows attackers with elevated privileges to load malicious microcode patches, bypassing cryptographic signature checks. Dubbed “EntrySign,” this flaw stems from AMD’s use of the AES-CMAC algorithm as a hash function during microcode validation—a design decision that enables collision attacks and signature forgery. Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. While CMAC provides integrity against passive attackers, it fails catastrophically when adversaries control the AES key—a scenario made feasible through hardware reverse engineering or side-channel attacks. As CPUs increasingly underpin cloud and AI infrastructures, EntrySign highlights the urgent need for agile, updateable cryptographic primitives in silicon, a lesson the industry is now racing to implement. Kaaviya is a Security Editor and fellow reporter with Cyber Security News. EntrySign exposes all Zen 1-4 CPUs to persistent microcode hijacking by attackers with ring-0 access. AMD’s mitigation replaces CMAC with a custom hash and deploys Secure Processor (ASP) checks before x86 cores activate.

This Cyber News was published on cybersecuritynews.com. Publication date: Fri, 07 Mar 2025 08:40:16 +0000


Cyber News related to AMD Microcode Signature Verification Vulnerability Let Attackers Load Malicious Patches

What is cloud load balancing? - Cloud load balancing is the process of distributing workloads across computing resources in a cloud computing environment and carefully balancing the network traffic accessing those resources. Cloud load balancing helps enterprises achieve ...
1 year ago Techtarget.com
AMD CPU Signature Verification Vulnerability Let Attackers Load Malicious Microcode - However, the fact that Google’s researchers were able to successfully bypass AMD’s microcode signature verification highlights a potential weakness in the security architecture of modern processors that could have significant implications ...
4 days ago Cybersecuritynews.com CVE-2024-36347
AMD Microcode Signature Verification Vulnerability Let Attackers Load Malicious Patches - Security researchers have uncovered a critical vulnerability in AMD Zen CPUs that allows attackers with elevated privileges to load malicious microcode patches, bypassing cryptographic signature checks. Dubbed “EntrySign,” this flaw stems ...
1 month ago Cybersecuritynews.com
CVE-2025-21991 - In the Linux kernel, the following vulnerability has been resolved: ...
1 week ago
What is an email signature? - An email signature - or signature block or signature file - is the block of text that appears at the end of an email message that provides more information about the sender. This can include details such as the sender's full name, occupation or job ...
1 year ago Techtarget.com
CVE-2022-31156 - Gradle is a build tool. Dependency verification is a security feature in Gradle Build Tool that was introduced to allow validation of external dependencies either through their checksum or cryptographic signatures. In versions 6.2 through 7.4.2, ...
1 year ago
New ISC Security Patches Released for 2021: What You Need to Know - The Internet Systems Consortium (ISC), the largest provider of open-source Internet infrastructure software, has released new security patches designed to mitigate data breaches and other cyber threats. These new security patches, released in January ...
2 years ago Thehackernews.com
AMD Ryzen DLL Hijacking Vulnerability Let Attackers Execute Arbitrary Code - Similar vulnerabilities have been reported in other AMD products, such as the AMD Integrated Management Technology (AIM-T) Manageability Service (CVE-2023-31361) and AMD μProf (CVE-2023-31348), highlighting the importance of secure library loading ...
2 months ago Cybersecuritynews.com CVE-2023-31361 CVE-2023-31348
SIEM agent being used in SilentCryptoMiner attacks | Securelist - The most interesting action in this attack was the implementation of unusual techniques like using an SIEM agent as backdoor, adding the malicious payload to a legitimate digital signature, and hiding directories containing malicious files. The ...
6 months ago Securelist.com
CVE-2022-36007 - Venice is a Clojure inspired sandboxed Lisp dialect with excellent Java interoperability. A partial path traversal issue exists within the functions `load-file` and `load-resource`. These functions can be limited to load files from a list of load ...
2 years ago
CVE-2023-46139 - KernelSU is a Kernel based root solution for Android. Starting in version 0.6.1 and prior to version 0.7.0, if a KernelSU installed device is infected with a malware whose app signing block specially constructed, it can take over root privileges on ...
1 year ago
CVE-2024-56161 - Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with local administrator privilege to load malicious CPU microcode resulting in loss of confidentiality and integrity of a confidential guest running under ...
2 months ago Tenable.com
Microsoft December 2023 Patch Tuesday fixes 34 flaws, 1 zero-day - Today is Microsoft's December 2023 Patch Tuesday, which includes security updates for a total of 34 flaws and one previously disclosed, unpatched vulnerability in AMD CPUs. While eight remote code execution bugs were fixed, Microsoft only rated three ...
1 year ago Bleepingcomputer.com CVE-2023-20588
CVE-2019-19083 - Memory leaks in *clock_source_create() functions under drivers/gpu/drm/amd/display/dc in the Linux kernel before 5.3.8 allow attackers to cause a denial of service (memory consumption). This affects the dce112_clock_source_create() function in ...
4 years ago
GitLab Patches: Severe SAML Authentication Bypass Flaw Fixed - Security Boulevard - In addition to these patches, OmniAuth SAML has been upgraded to version 2.2.1 and Ruby-SAML to 1.17.0. It’s worth mentioning that the issue only impacts self-managed instances; therefore, users of GitLab Dedicated instances do not need to take any ...
6 months ago Securityboulevard.com CVE-2024-45409
Critical ruby-saml Vulnerabilities Let Attackers Bypass Authentication - Security researchers from GitHub Security Lab have identified parser differential vulnerabilities (CVE-2025-25291 and CVE-2025-25292) affecting ruby-saml versions up to 1.17.0, which could allow attackers to impersonate any user within affected ...
1 month ago Cybersecuritynews.com CVE-2025-25291
1Kosmos Unifies Identity Verification User Journeys Across Web and Mobile Platforms - PRESS RELEASE. EAST BRUNSWICK, N.J., Nov. 29, 2023 - 1Kosmos, the company that unifies identity proofing and passwordless authentication, today announced the 1Kosmos BlockID platform now enables organizations to seamlessly extend web-based identity ...
1 year ago Darkreading.com
DataVisor integrates SMS customer verification into its platform - DataVisor announced the expansion of its end-to-end platform capabilities with the integration of SMS customer verification for fraudulent transactions. This new offering, powered by Twilio technology, provides customers with enhanced fraud ...
1 year ago Helpnetsecurity.com
PornHub now also blocks Texas over age verification laws - PornHub has now added Texas to its blocklist, preventing users in the state from accessing its site in protest of age verification laws. Texas' age verification bill HB 1181, passed last year, went back into effect last week after the State won an ...
1 year ago Bleepingcomputer.com
Fresh SLAM Attack Extracts Sensitive Data from AMD CPUs and Upcoming Intel Processors - Academic researchers have unveiled a novel side-channel attack named SLAM, designed to exploit hardware enhancements meant to bolster security in forthcoming CPUs from major manufacturers like Intel, AMD, and Arm. The attack aims to retrieve the root ...
1 year ago Cysecurity.news
AWS WAF: Secure CDN, Load Balancers, API Servers - DZone - If you want your application to contain specific validation tokens in headers, you can specify such rules in the WebACL associated with the Application Load Balancer. With AWS WAF, you can create security rules that control bot traffic and block ...
6 months ago Feeds.dzone.com
CVE-2024-43405 - Nuclei is a vulnerability scanner powered by YAML based templates. Starting in version 3.0.0 and prior to version 3.3.2, a vulnerability in Nuclei's template signature verification system could allow an attacker to bypass the signature check and ...
7 months ago
CVE-2019-19082 - Memory leaks in *create_resource_pool() functions under drivers/gpu/drm/amd/display/dc in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption). This affects the dce120_create_resource_pool() function in ...
4 years ago
Securing helpdesks from hackers: What we can learn from the MGM breach - In the wake of the MGM Resorts service desk hack, it's clear that organizations need to rethink their approach to security, particularly when it comes to verifying the identity of employees contacting the helpdesk. In this article, we'll explore how ...
1 year ago Bleepingcomputer.com
CVE-2024-36969 - In the Linux kernel, the following vulnerability has been resolved: ...
10 months ago

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)