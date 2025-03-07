If you have an older AMD Ryzen CPU based on the Zen 1 through to Zen 4 architecture, your CPU can now be "jailbroken." This is thanks to an exploit that allows users to write their own microcode for those affected CPUs,

According to a team of security researchers at Google (via Toms Hardware), a new exploit dubbed EntrySign can be used to push custom microcode updates to AMD's CPUs with Zen 1 cores all the way through to Zen 4 cores. The bug has been fixed since a BIOS patch dated 2024-12-17, but all it takes to exploit it is a local administrator account on the PC using the CPU.

This does not affect AMD's newest Ryzen 9000 series.

Anything older than Zen 5 was at risk

Though you're safe now

Source: der8auer (YouTube)

EntrySign could be used to write new microcode for older AMD CPUs, changing how they work and doing things like removing security safeguards. The bug was first revealed to affect the company's EPYC server CPUs, where it could be abused to lead to the loss of SEV-based protections of users. SEV stands for Secure Encrypted Virtualization, which is used in VMs, though it would be possible in this case to break those protections and make it possible for an attacker to access secured information should it be exploited successfully.

The report relating to those EPYC server CPUs specifically mentioned Zen 1 through to Zen 4, but the actual details were light on how it affected CPUs that weren't AMD's server offerings. Now it's clear that it affects every AMD CPU based on the Zen architecture aside from those using Zen 5, leading to a Google vulnerability researcher (credited on the GitHub report for EPYC server CPUs) declaring that you can "jailbreak your AMD CPU."

This particular bug could have been significantly worse if those changes persisted through power cycles, but thankfully, you don't need to worry about picking up a second-hand Ryzen CPU or anything like that. While it's still a bad exploit (and could have caused disastrous consequences in the right set of circumstances), it was particularly difficult to execute from the point of view of an attacker thanks to the requirements needed; most notably ring 0 access, or the most privileged level of access on the host machine.

In fact, there can even be limited benefits to this kind of exploit. In theory, researchers could implement new features on AMD CPUs, including additional security features, though you wouldn't want to rely on them in a mission critical machine. As well, it's generally always a better practice to stay on the latest security patches and updates, rather than relying on an older BIOS version so that you can use your own custom microcode instead.

If you have one of these older CPUs, assuming you're not the type to go messing around with microcode, it's always better to update.