Update your AMD hosts now to mitigate the Zenbleed exploit

If you&#x27;re on Windows, the following script should set the necessary MSR without entirely disabling AVX. There&#x27;s not really any other way to do it other than with WinRing0&#x27;s driver, doing it via WinDbg is not practical at all even if you manage to run local debug. And what the DE_CFG[9] bit exactly does other than &quot;preventing complex side effects instructions&quot; I&#x27;m not sure, there&#x27;s barely any information online, and most OS vendors are silent on this.<p><a href="https:&#x2F;&#x2F;github.com&#x2F;sbaresearch&#x2F;stop-zenbleed-win">https:&#x2F;&#x2F;github.com&#x2F;sbaresearch&#x2F;stop-zenbleed-win</a>

The Zenbleed exploit was announced about a week ago, however the Register wrongly and dangerously claims that it doesn&#x27;t affect QEMU or &quot;any form of emulation&quot;.<p>We were able to run the exploit inside of a Firecracker VM with KVM, and of course Docker, K8s etc has the same set of issues.<p>Short story - if you&#x27;re running an AMD CPU, check the exploit (it&#x27;s very quick) and update your OS.