Chipmaker AMD on Monday announced the launch of its new EPYC 7003 series server processors — codenamed Milan — and the company has shared some information about new and improved security features.
The new CPUs are based on the Zen 3 architecture and AMD says they bring significantly improved performance for enterprise, cloud and HPC workloads. The EPYC 7003 series processors are available immediately — device manufacturers have started announcing new products that use them, and major cloud providers will use servers powered by these CPUs.
According to AMD, its 3rd Gen EPYC processors include several new or enhanced security features, including a dedicated security subsystem, hardware-validated secure boot, hardware root of trust, Secure Memory Encryption (SME), Secure Encrypted Virtualization-Encrypted State (SEV-ES), and Secure Nested Paging (SNP).
One important new feature is SNP, which provides enhanced memory protections to prevent malicious hypervisors from conducting replay, corruption or remapping attacks. Specifically, SNP adds memory integrity protection capabilities designed to prevent hypervisor attacks by creating an isolated execution environment.
In the case of SEV-ES, which provides a layer of protection for CPU registers, AMD has added interrupt restrictions that should prevent malicious hypervisors from injecting interrupts and attacking ES guests.
Other security features present in the new processors include memory protection keys for users, and Shadow Stack, a new feature that helps protect against ROP (return-oriented programming) attacks.
AMD also noted during a briefing ahead of the launch of its new product that with the 3rd Gen EPYC processors they have been able to implement better mitigations against Spectre attacks.
Related: AMD Confirms Hacker Stole Information on Graphics Products
Related: Security Firm Under Fire Over Disclosure of AMD Chip Flaws
Related: AMD Preparing Patches for UEFI SMM Vulnerability
Related: Google Cloud Unveils Confidential VMs Powered by AMD EPYC Processors

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
More from Eduard Kovacs
- British Retailer JD Sports Discloses Data Breach Affecting 10 Million Customers
- Meta Awards $27,000 Bounty for 2FA Bypass Vulnerability
- Industry Reactions to Hive Ransomware Takedown: Feedback Friday
- US Reiterates $10 Million Reward Offer After Disruption of Hive Ransomware
- Hive Ransomware Operation Shut Down by Law Enforcement
- UK Gov Warns of Phishing Attacks Launched by Iranian, Russian Cyberspies
- Dozens of Cybersecurity Companies Announced Layoffs in Past Year
- Security Update for Chrome 109 Patches 6 Vulnerabilities
Latest News
- British Retailer JD Sports Discloses Data Breach Affecting 10 Million Customers
- Vulnerabilities in OpenEMR Healthcare Software Expose Patient Data
- Russia-Linked APT29 Uses New Malware in Embassy Attacks
- Meta Awards $27,000 Bounty for 2FA Bypass Vulnerability
- The Effect of Cybersecurity Layoffs on Cybersecurity Recruitment
- Critical Vulnerability Impacts Over 120 Lexmark Printers
- BIND Updates Patch High-Severity, Remotely Exploitable DoS Flaws
- Industry Reactions to Hive Ransomware Takedown: Feedback Friday
