AMD confirms two dangerous attacks that can compromise any virtual machine

Tech firm AMD issued a security guide to address two potential attacks against the Secure Encrypted Virtualization (SEV) solution, which keeps virtual machines protected from some attack variants. According to reports, these attacks would allow threat actors to inject malicious code into a SEV-encrypted virtual machine.

The attacks, identified as SEVurity and undeSErVed, work not only against SEV-protected AMD CPUs but also against SEV-ES, the enhanced version of this solution released in 2017.

The company’s report mentions that all AMD EPYC processors are impacted by this flaw, including first-, second- and third-generation EPYC processors, usually used by servers in data centers.

AMD recommends that system administrators who host virtualized environments on AMD CPUs enable SEV-SNP, the latest version of the SEV technology, which is compatible with third-generation equipment only.

As mentioned above, previous generations of EPYC processors do not support SEV-SNP, so in the security report the company advises customers to follow security best practices to avoid compromise of the host operating system. AMD issued a second security alert because the two attacks will be presented at a cybersecurity conference later this month.

Although CPU attacks in recent years have mainly targeted technology developed by Intel, AMD products have had problems of their own. Just a few weeks ago the manufacturer issued a report confirming that its Zen 3 CPUs were affected by a flaw that would allow Spectre attacks through abuse of the processor’s PSF feature.

About a year ago, the company also confirmed that its AMD Accelerated Processing Unit processors, released between 2016 and 2019, were affected by “SMM Callout” errors.