The Zenbleed vulnerability has been discovered in AMD Ryzen processors, which allows you to open logins and passwords from sites and applications, as well as lock keys.
Zenbleed features hacker Tavis Ormandy of the Google Information Security team. According to him, the vulnerability is infected with all AMD processors with Zen 2 microarchitecture:
▪️ Ryzen 3000
▪️ Ryzen Pro 3000
▪️Ryzen Threadripper 3000
▪️ Ryzen 4000 with Radeon graphics
▪️ Ryzen Pro 4000
▪️ Ryzen 5000 with Radeon graphics
▪️ Ryzen 7020 with Radeon graphics
▪️ Epic Rome
Zenbleed does not require physical access to a computer to run. The exploit can be launched remotely via Javascript on a web page.
If successful, Zenbleed can beautify sensitive data from any application, even if it’s running through a virtual operating system. Zenbleed does not require privileges and system permissions, so it can go unnoticed.
Ormandy reported the vulnerability to AMD on May 15, 2023. The company has already released an update for the second generation Epyc 7002 processors. Updates for other chips will be released no earlier than October 2023.
An AMD spokesperson added that no real-life vulnerability has been reported. [The Verge]
Source: Iphones RU
I am a professional journalist and content creator with extensive experience writing for news websites. I currently work as an author at Gadget Onus, where I specialize in covering hot news topics. My written pieces have been published on some of the biggest media outlets around the world, including The Guardian and BBC News.
