AMD releases update to patch chipset vulnerability that can leak passwords
You should update your chipset driver right away if you are using an AMD Ryzen processor. A chipset vulnerability was reported where low privilege users can read and dump memory pages in Windows. This can allow attackers to steal passwords or enable other type of attacks. AMD has apparently patched the bug a few weeks back, but they just recently announced the reason behind the update.
The affected processors span all the way from their 6th Gen AMD A-series and AMD FX processors, all the way up to the latest AMD Ryzen 5000 series processors. That’s pretty much the entire lineup in recent history, so if you are using an AMD processor, you will most probably own one of them.
This security flaw was discovered by security researcher Kyriakos Economou, co-founder of ZeroPeril. The vulnerability allowed him to download several GBs of uninitialized physical pages as a non-admin user. This may contain data including the credentials of privileged users, which will enable deeper attacks. The attack is done on the AMD Platform Security Processor (PSP) driver.
In any case, all you need to do is head on over to AMD’s website, download the latest chipset drivers version 3.08.17.735, or newer, for your system, and you will be well on your way. Another recently exposed AMD vulnerability is their Meltdown-like flaw that requires software vendors to implement the updates, rather than being able to be fixed on AMD’s end. While Intel has gotten a lot of flak recently with several severe security flaws being exposed and subsequently patched, this proves that AMD has its fair share of them as well.
Pokdepinion: From my experience with AMD GPU drivers, don’t update unless you have to. I guess this is one of those times. Make sure you are updated!
Leave a Response