Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Data Protection

AMD Unveils New Security Features With Launch of EPYC 7003 Series Processors

Chipmaker AMD on Monday announced the launch of its new EPYC 7003 series server processors — codenamed Milan — and the company has shared some information about new and improved security features.

Chipmaker AMD on Monday announced the launch of its new EPYC 7003 series server processors — codenamed Milan — and the company has shared some information about new and improved security features.

The new CPUs are based on the Zen 3 architecture and AMD says they bring significantly improved performance for enterprise, cloud and HPC workloads. The EPYC 7003 series processors are available immediately — device manufacturers have started announcing new products that use them, and major cloud providers will use servers powered by these CPUs.

Security features in the new AMD EPYC 7003 series CPU

According to AMD, its 3rd Gen EPYC processors include several new or enhanced security features, including a dedicated security subsystem, hardware-validated secure boot, hardware root of trust, Secure Memory Encryption (SME), Secure Encrypted Virtualization-Encrypted State (SEV-ES), and Secure Nested Paging (SNP).

One important new feature is SNP, which provides enhanced memory protections to prevent malicious hypervisors from conducting replay, corruption or remapping attacks. Specifically, SNP adds memory integrity protection capabilities designed to prevent hypervisor attacks by creating an isolated execution environment.

In the case of SEV-ES, which provides a layer of protection for CPU registers, AMD has added interrupt restrictions that should prevent malicious hypervisors from injecting interrupts and attacking ES guests.

Other security features present in the new processors include memory protection keys for users, and Shadow Stack, a new feature that helps protect against ROP (return-oriented programming) attacks.

AMD also noted during a briefing ahead of the launch of its new product that with the 3rd Gen EPYC processors they have been able to implement better mitigations against Spectre attacks.

Related: AMD Confirms Hacker Stole Information on Graphics Products

Advertisement. Scroll to continue reading.

Related: Security Firm Under Fire Over Disclosure of AMD Chip Flaws

Related: AMD Preparing Patches for UEFI SMM Vulnerability

Related: Google Cloud Unveils Confidential VMs Powered by AMD EPYC Processors

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Data Protection

The cryptopocalypse is the point at which quantum computing becomes powerful enough to use Shor’s algorithm to crack PKI encryption.

CISO Strategy

SecurityWeek spoke with more than 300 cybersecurity experts to see what is bubbling beneath the surface, and examine how those evolving threats will present...

CISO Conversations

Joanna Burkey, CISO at HP, and Kevin Cross, CISO at Dell, discuss how the role of a CISO is different for a multinational corporation...

Artificial Intelligence

The CRYSTALS-Kyber public-key encryption and key encapsulation mechanism recommended by NIST for post-quantum cryptography has been broken using AI combined with side channel attacks.

CISO Conversations

In this issue of CISO Conversations we talk to two CISOs about solving the CISO/CIO conflict by combining the roles under one person.

CISO Strategy

Security professionals understand the need for resilience in their company’s security posture, but often fail to build their own psychological resilience to stress.