This is a follow-on thread in regard to the older CPU SIDE CHANNEL exploits for both Intel and AMD vendors. Below are some reference articles that go deeper into the issues in greater detail.
There are two distinct things I wish to convey in this post. The first being everyone taking this seriously. The second is, I personally have brought this to the attention of Norton for the sake of customers. Knowing that the current Norton releases have had their issues regarding system resources. Customers need to be aware that these microcode updates, will, degrade every systems performance level to some degree. Its easy to put blame where its not due without being in the know.
Norton should hopefully be, proactive about making customers aware, that, they are also aware of these exploits as well as what is being done to mitigate them. And, how these will impact you. More over how it can affect Norton product performance going forward. In that regard, I invite those passing through this forum to please read this information as it is extremely import.
Intel: Quoted “CVE-2024-45332 impacts all Intel CPUs from the ninth generation onward, including Coffee Lake, Comet Lake, Rocket Lake, Alder Lake, and Raptor Lake.”
AMD: https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7033.html
AI Overview
In 2025, both Intel and AMD have released new microcode updates to address potential security vulnerabilities. Intel addressed vulnerabilities in its indirect branch predictors, while AMD addressed a signature verification issue that could allow malicious microcode to be loaded.
Here’s a more detailed breakdown:
Intel:
.Opens in new tab
This advisory addresses potential security vulnerabilities in Intel’s indirect branch predictors, which could lead to information disclosure. Intel is releasing microcode updates to mitigate these vulnerabilities.
.Opens in new tab
This vulnerability, identified in some Intel Atom processors, involves shared microarchitectural predictor state that influences transient execution. An authenticated user with local access could potentially enable information disclosure.
AMD:
This security bulletin addresses a vulnerability in the microcode signature verification algorithm. An attacker with system administrative privileges could potentially load malicious microcode patches by exploiting a weakness in the signature verification process.
- Mitigation:
AMD is releasing mitigations to address this issue, which involves improving the signature verification process.
- Potential for Malicious Microcode:
Researchers have demonstrated the possibility of creating malicious microcode patches on AMD processors (Zen 1-4) that could alter the execution of virtually any instruction.
SA