A team of Google researchers working with AMD recently discovered a major CPU exploit on Zen-based processors. The exploit allows anyone with local admin privileges to write and push custom microcode updates to affected CPUs. The same Google team has released the full deep-dive on the exploit, including how to write your own microcode. Anyone can now effectively jailbreak their own AMD CPUs.
The exploit affects all AMD CPUs using the Zen 1 to Zen 4 architectures. AMD released a BIOS patch plugging the exploit shortly after its discovery, but any of the above CPUs with a BIOS patch before 2024-12-17 will be vulnerable to the exploit. Though a malicious actor wishing to abuse this vulnerability needs an extremely high level of access to a system to exploit it, those concerned should update their or their organization’s systems to the most recent BIOS update.
If the scene is willing to pay people enough, I can see cheaters use this to write cheats that are undetectable by the OS. Right now, VM detection and PCIe bus monitoring for DMA devices seems to catch the most proficient cheaters, but it the CPU can turn your increment function into a multiplication, all bets are off. If cheaters do go this route, I expect game companies to blacklist these CPUs entirely.
Altering the CPU instructions could be very useful for reverse engineering, as debugger detection could be worked around on the CPU level. You could also use it to alter and monitor things like encryption functions. Malware could use microcode to write an entire class of CPU instructions custom to the malware/infection/infected PC itself, making it impossible to reverse engineer it using standard means. How powerful this stuff really is depends on how much free space there is in the memory that contains the microcode, but it’s pretty cool and scary stuff, depending on if your intentions are good or bad.
Intel used to have SGX, a processor component that was designed to run isolated code that not even the OS could manage. The only official way to play Blu-ray on PC, Powerlink, made heavy use of that for hiding DRM code. SGX got breached with SPECTRE/MELTDOWN, though, and Intel dropped it somewhere around the 9th Gen core processors for desktop CPUs. If AMD has a similar feature I don’t know about, that can be presumed broken on these chips now.
I would guess Zen 1 through Zen 4 is currently the majority of gaming PCs. It’s certainly a massive percentage. I don’t think game companies can realistically just blacklist all of them.
deleted by creator
Okay, but I’m definitely certain that the majority of gamers running Windows 11 in secure boot mode with TPM 2.0 are running Zen 3 or 4. How many times can they cut their user-base in half before the people who are left leave because it’s a dead game?
deleted by creator