They say it’s “Platform secure boot” by AMD. They refuse to elaborate further though, and no one knows wth that is. Except AMD themselves ofc: https://www.amd.com/en/products/processors/technologies/pro-technologies.html

Platform secure boot is designed to provide protection in response to growing firmware-level remote attacks being seen across the industry. AMD Secure Boot helps continue the chain of trust from the system BIOS to the OS Bootloader.

Ah fuck it, here’s the security researchers explanation: https://labs.ioactive.com/2024/02/exploring-amd-platform-secure-boot.html?m=1

It’s an exploit path to a UEFI bootkit, so at the very least you’d have to throw your motherboard away or find someone that can physically overwrite it through an external flash programmer or something. And the patch should be delivered through a UEFI firmware update, so if your motherboard is no longer supported you would have to buy a new one. And for laptops and embedded devices having everything soldered in, the motherboard is basically the whole computer, so I don’t think it’s that much of an exaggeration.

I guess it’s true that if you have ring 0 access you’re boned, bug if your ring 0 access gets upgraded into ring -2 access you are even more boned. They put those security boundaries in place for a reason after all.

Because if I understood it right, it will be presented at DEFCON tomorrow, this news are just hyping it.

We don’t know what is the install vector, it might be a non issue (for regular people) where you need a custom chip programmer and hands on the hardware