Neither hardware nor software is immune to security flaws. This has been demonstrated once again by a newly discovered vulnerability identified by Google’s security team, which specializes in detecting threats before they fall into the hands of cybercriminals. Their role is to notify manufacturers of any issues so they can address them before the information becomes public.
This time, the team uncovered a serious vulnerability in AMD processors, affecting architectures from Zen 1 to the more recent Zen 4. The flaw, named EntrySign, could allow attackers with elevated privileges to access the system’s kernel level and load unsigned microcode, directly compromising system security.
Initially, it was believed the vulnerability only affected earlier generations. However, an updated security bulletin from AMD has confirmed that the issue also impacts its latest Zen 5 processors. This includes products aimed at both consumer and professional markets.
The flaw lies in the CPU’s microcode—a critical layer that translates software instructions into physical actions within the processor. Since this code is embedded in the chip, it can’t be replaced with a simple update. Nonetheless, AMD has developed a patch that can be loaded during the operating system’s boot process to mitigate the risk.
The affected models include the Ryzen 9000 Granite Bridge processors, EPYC 9005 Turin server chips, and the Ryzen AI 300 series (Strix Halo, Strix Point, and Krackan Point), as well as the Ryzen 9000HZ Fire Range processors.
AMD has started rolling out a fix through the ComboAM5PI 1.2.0.3c AGESA update, which is now available for Ryzen 9000 and Ryzen AI 300 processors. The update for EPYC 9005 chips is still pending but is expected to be released before the end of the month.
Although exploiting this vulnerability requires an extremely high level of access—something highly unlikely—experts strongly recommend updating the BIOS as soon as possible. This incident once again highlights the importance of keeping firmware up to date.
According to AMD, no attacks exploiting this vulnerability have been reported so far. The timely detection of the issue has allowed the company to act quickly and avoid more serious consequences.
