A critical security vulnerability in AMD Zen CPUs allows attackers with administrator privileges to inject malicious microcode patches, potentially compromising confidential computing workloads protected by SEV-SNP. The flaw, discovered by Google's Security Team, affects Zen 1 through Zen 4 processors and has been patched as of December 2024.

https://github.com/google/security-research/security/advisories/GHSA-4xq7-4mgh-gp6w

via https://hnrss.org/newest?points=100, https://hnrss.org/newest?comments=100