To keep their computers secure, everybody who uses AMD Ryzen hardware should install the latest driver updates. AMD released a driver to fix a significant security flaw last month without specifying which vulnerability it was designed to fix. However, security researchers recently published a paper that revealed a severe weakness in the driver.
Attackers might collect personal information from Ryzen systems, including passwords if the vulnerability was exploited. All Ryzen CPUs, as well as various prior versions of AMD hardware, are affected by the flaw. The flaw is in the Platform Security Processor (PSP) chipset driver, and it’s been assigned the number CVE-2021-26333.
The PSP is a critical component of the computer that works in tandem with the operating system to store sensitive data in safe memory portions. It’s only supposed to be accessible to administrators, but a newly published investigation discovered that non-privileged individuals might acquire access to the information by exploiting a flaw in the driver. ZeroPeril, a security research group, released the study.
AMD first stated that the vulnerability only affected PCs using Ryzen 1000 series processors. However, the investigation discovered that all Ryzen hardware, including desktop and mobile, was vulnerable. In light of the information, AMD updated its security disclosure.
It’s critical to recognize that the flaw is in the motherboard chipset. This means that any computer user who uses an AMD graphics card but not an AMD processor is safe from this particular vulnerability. ZeroPeril researchers were able to exploit the flaw to leak many gigabytes of data. The exploits not only provide attackers access to sensitive data but can also give them access to network resources. The good news is that AMD released a new PSP chipset driver (22.214.171.124) last week.