Originally published on March 5, 2025

Preface: The microcode patch loader in the CPU’s ROM (Read-Only Memory) is responsible for loading these updates into the CPU during the boot process. This ensures that the CPU runs the latest microcode, which can include important security and functionality improvements

Background: The System Management Mode (SMM) execution environment is a special-purpose operating mode provided by x86 CPUs for handling system-wide functions like power management and hardware control. When the CPU receives a System Management Interrupt (SMI), it switches from normal execution mode to SMM. In this mode, the CPU executes code stored in a special portion of memory called System Management RAM (SMRAM). This environment is isolated from the operating system and applications, allowing it to manage critical system functions transparently. Some uses of SMM include handling system events, managing system safety functions, and controlling power management operations.

Vulnerability details: Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with local administrator privilege to load malicious microcode, potentially resulting in loss of integrity of x86 instruction execution, loss of confidentiality and integrity of data in x86 CPU privileged context and compromise of SMM execution environment.

Official announcement: Please see the official link for detailshttps://www.amd.com/en/resources/product-security/bulletin/amd-sb-7033.html