Google security researchers have published comprehensive details on "EntrySign," a significant vulnerability affecting all AMD Zen processors through Zen 4. The flaw allows attackers with local administrator privileges to install custom microcode updates on affected CPUs, bypassing AMD's cryptographic verification system. The vulnerability stems from AMD's use of AES-CMAC as a hash function in its signature verification process—a critical cryptographic error. CMAC is designed as a message authentication code, not a secure hash function. The researchers discovered that AMD had been using a published example key from NIST documentation since Zen 1, allowing them to forge signatures and deploy arbitrary microcode modifications. These modifications can alter CPU behavior at the most fundamental level, enabling sophisticated attacks that persist until the next system reboot.

Google's security team has released "zentool," an open-source jailbreak toolkit allowing researchers to create, sign, and deploy custom microcode patches on vulnerable processors. The toolkit includes capabilities for microcode disassembly, patch authoring with limited assembly support, and cryptographic signing functions. As a proof-of-concept, the researchers demonstrated modifying the RDRAND instruction to consistently return predetermined values, effectively compromising the CPU's random number generation. AMD has issued microcode updates that replace the compromised validation routine with a custom secure hash function. The company's patches also leverage the AMD Secure Processor to update the validation routine before x86 cores can process potentially tampered microcode. While the attack requires local administrator access and doesn't persist through power cycles, it poses significant risks to confidential computing environments using technologies like SEV-SNP and DRTM. The researchers noted their findings could enable further CPU security research beyond exploit development, potentially allowing the implementation of new security features similar to those developed for Intel processors through similar techniques.

AI agents are poised to transform productivity for the world's billion knowledge workers with "knowledge robots" that can accomplish a variety of tasks. To develop AI agents, enterprises need to address critical concerns like trust, safety, security and compliance. New NVIDIA NIM microservices for AI guardrails—part of the NVIDIA NeMo Guardrails collection of software tools—are portable, optimized inference microservices that help companies improve the safety, precision and scalability of their generative AI applications.

Central to the orchestration of the microservices is NeMo Guardrails, part of the NVIDIA NeMo platform for curating, customizing and guardrailing AI. NeMo Guardrails helps developers integrate and manage AI guardrails in large language model (LLM) applications. Industry leaders Amdocs, Cerence AI and Lowe's are among those using NeMo Guardrails to safeguard AI applications. Developers can use the NIM microservices to build more secure, trustworthy AI agents that provide safe, appropriate responses within context-specific guidelines and are bolstered against jailbreak attempts. Deployed in customer service across industries like automotive, finance, healthcare, manufacturing and retail, the agents can boost customer satisfaction and trust.

We've recently reported on how the Facebook account requirements that have been built-in into the latest Oculus Quest 2 could render your VR headset an expensive paperweight. The Oculus Quest 2 is one impressive piece of VR material, with the specs - and perhaps more importantly, pricing - to bring a high quality VR experience to the masses, democratizing what will someday - and without a doubt - the premier way in which we interface with the digital world. However, those same Facebook account requirements were standing in the way, for some privacy-conscious users, in actually buying or using the device. Now, jailbroken efforts have been met with success - researchers report that they've been able to strip an Oculus Quest 2 from its Facebook account requirement.

The effort, led by XRSI - a non-profit organization with the goal for promoting privacy and security in the XR space - has announced they have verified a jailbreak method for the Oculus Quest 2. This was done by achieving root access to the device. According to XRSI, there are a number of researchers and hobbyists alike working on these jailbreak procedures for the latest Oculus device, but they've been met with legal quandaries surrounding the Right to Repair (essentially, establishing the ownership of hardware and contained software by users once they acquire a technological device) and whether or not their efforts are covered under it. The efforts were somewhat bolstered by Mozilla WebXR developer Robert Long offering $5,000 to anyone capable of freeing the Quest 2 from Facebook services - an offer later matched by Palmer Luckey, Oculus' departed founder. XSRI is working hard to insert AR/VR headsets into the Right to Repair provision.