for readers missing the significance of the number 4 in the proof of concept: to demonstrate this vulnerability the researchers created a microcode update which replaces the “hardware” random number generator behind the RDRAND instruction with an implementation of xkcd#221 😭
I thought the same, looks like AMD is trying to introduce something to limit that access (ie allow potentially compromised hosts run trusted VMs).
Probably to make VPS’ more attractive to security focused divisions.