by George Whittaker AMD has officially confirmed a high-severity security vulnerability in its new Zen 5–based CPUs, and it’s a nasty one because it hits cryptography right at the source: the hardware random number generator. Here’s a clear breakdown of what’s going on, how bad it really is, and what you should do if you’re running Zen 5. What AMD Just Confirmed AMD’s security bulletin AMD-SB-7055, now tracked as CVE-2025-62626, describes a bug in the RDSEED instruction on Zen 5 processors. Under certain conditions, the CPU can: Return the value 0 from RDSEED far more often than true randomness would allow Still signal “success” (carry flag CF=1), so software thinks it got a good random value The issue affects the 16-bit and 32-bit forms of RDSEED on Zen 5; the 64-bit form is not affected. Because RDSEED is used to feed cryptographically secure random number generators (CSPRNGs), a broken RDSEED can poison keys, tokens, and other security-critical values. AMD classifies the impact as: