Rapid7 cybersecurity expert Chrstiaan Beek has written proof-of-concept code for ransomware that can attack your CPU firmware – and warns of future threats that could lock your drive until a ransom is paid.

Google‘s Security Team previously identified a security vulnerability in AMD’s Zen 1 to Zen 4 CPUs that allows users to load unsigned microcode patches. It later emerged that AMD Zen 5 CPUs are also affected by the vulnerability. It can be fixed by a firmware update, but leaving a hole that allows the loading of unsigned microcode seems…like a very unfortunate laps of security.

Links:

• https://www.tomshardware.com/pc-components/cpus/worlds-first-cpu-level-ransomware-can-bypass-every-freaking-traditional-technology-we-have-out-there-new-firmware-based-attacks-could-usher-in-new-era-of-unavoidable-ransomware#xenforo-comments-3879481