All news with #confidential computing tag
Tue, October 14, 2025
AMD issues patches for RMPocalypse flaw in SEV-SNP
⚠️ AMD released mitigations and firmware/BIOS updates to address a vulnerability dubbed RMPocalypse, which ETH Zürich researchers Benedict Schlüter and Shweta Shinde say can be triggered by a single 8-byte overwrite of the Reverse Map Paging (RMP) table during SEV‑SNP initialization. The flaw, assigned CVE-2025-0033, stems from a race condition in the AMD Secure Processor/Platform Security Processor (PSP/ASP) that could allow an admin-privileged or malicious hypervisor to modify initial RMP content and void SEV‑SNP integrity guarantees. AMD listed impacted EPYC families and provided vendor guidance; Microsoft and Supermicro have acknowledged the issue and are working on remediations.
Fri, August 29, 2025
Google Cloud Expands Confidential Computing with Intel TDX
🔒 Google Cloud has expanded its Intel TDX-based Confidential Computing portfolio, now offering Confidential GKE Nodes, Confidential Space, and Confidential GPUs alongside broader regional availability. Creating an Intel TDX Confidential VM is available directly in the GCE "Create an instance" flow under the Security tab, with no code changes required. The C3 machine series supports Intel TDX across additional regions and zones, and NVIDIA H100 GPUs on the A3 series enable confidential AI by combining Intel CPU protection with NVIDIA Confidential Computing on the GPU.
Mon, August 25, 2025
Protecting Azure Infrastructure From Silicon to Systems
🔐 Microsoft describes a hardware-to-cloud security approach that embeds verification, isolation, and transparency across Azure infrastructure. The piece highlights purpose-built technologies such as Azure Boost for control-plane isolation, Azure Integrated HSM for server-local key protection, and a spectrum of confidential computing guarantees for workloads. It also emphasizes open-source and ecosystem efforts—Caliptra, OCP SAFE, and a Code Transparency Service—to enable verifiable supply-chain attestations and immutable firmware provenance.