Anyone employing a computer that runs AMD Ryzen hardware must apply the newest driver updates to secure their computer systems. Last month, AMD launched a driver to patch a critical security flaw without mentioning which vulnerability the patch was meant to deal with. However, a recent report published by security researchers disclosed a big vulnerability within the driver.
If attackers exploited the vulnerability, they might steal sensitive information from Ryzen computers, including passwords. The vulnerability impacts all Ryzen processors and several other previous generations of AMD hardware. The vulnerability is within the Platform Security Processor (PSP) chipset driver and is tracked under CVE-2021-26333.
The PSP is a crucial part of the pc that works in conjunction with the OS to store sensitive data using secured memory sections. It’s only alleged to be accessible to administrators, but the recently published report found that non-privileged users could leverage an exploit within the driver to realize access to the knowledge . The report was published by security research firm ZeroPeril.
Initially, AMD said the vulnerability was only a problem for systems running the Ryzen 1000 series processors. However, the report found that each desktop and mobile Ryzen hardware was vulnerable, and AMD did update the safety disclosure in light of the report.
It’s important to know that the vulnerability is within the motherboard chipset. Meaning any person running an AMD graphics card but isn’t using an AMD processor doesn’t need to worry about this particular vulnerability. Researchers at ZeroPeril were ready to leverage the vulnerability to leak multiple gigabytes of knowledge. The exploits allow access to sensitive data and can provide attackers with additional access to network resources. the great news is AMD already features a new PSP chipset driver (5.17.0.0) that launched last week.
