AMD is rolling out patches for at-risk CPUs, though these updates may impact system performance. | Illustration: Beatrice Sala
A new vulnerability impacting AMD’s line of Zen 2 processors — which includes popular CPUs like the budget-friendly Ryzen 5 3600 — has been discovered that can be exploited to steal sensitive data like passwords and encryption keys. Google security researcher Tavis Ormandy disclosed the “Zenbleed” bug (filed as CVE-2023-20593) on his blog this week after first reporting the vulnerability to AMD on May 15th.
The entire Zen 2 product stack is impacted by the vulnerability, including all processors within the AMD Ryzen 3000 / 4000 / 5000 / 7020 series, the Ryzen Pro 3000 / 4000 series, and AMD’s EPYC “Rome” data center processors. AMD has since published its anticipated release timeline for patching out the exploit, with most firmware…