Patch this AMD CPU vulnerability now, users warned
AMD shipped patch to users through Microsoft’s September Patch Tuesday
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
Cybersecurityresearchers have discovered anAMDchipset driver vulnerability that can be exploited to dump system memory and steal sensitive information.
The security researchers first discovered the flaw with Ryzen 2000- and 3000-series platforms, whileAMDinitially only listed Ryzen 1000 and older processors in its advisory.
Tom’s Hardwareraised the discrepancy, noted by the researchers in their report as well, and AMD has since updated its advisory to suggest that the issue affects its entire modern consumer processor lineup as well as several older models.
We’re looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won’t take more than 60 seconds of your time, and we’d hugely appreciate if you’d share your experiences with us.
Click here to start the survey in a new window«
The good news is that AMD has patched the vulnerability, and the updates were shipped throughMicrosoft’sSeptember Patch Tuesdaybundle.
Patch immediately
Tracked as CVE-2021-26333 the vulnerability resides in the driver forAMD Platform Security Processor (PSP), which helps enable theoperating systemto process sensitive information inside cryptographically-secured portions of memory.
According toThe Record, Windows relies on theamdsps.sysdriver to make use of the PSP feature. The researchers were able to compromise this driver to download several gigabytes of sensitive data as a non-admin user.
Additionally, parsing through the detailed report,Tom’s Hardwarenotes that the researchers argue that the data obtained from exploiting the vulnerability could help attackers circumvent mitigations for exploits such asSpectre and Meltdown.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Interestingly, AMD had reportedly already issued the patch several weeks ago,without sharing detailsabout the issue until now.
ViaTom’s Hardware
With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’sTechRadar Pro’sexpert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.
Cisco issues patch to fix serious flaw allowing possible industrial systems takeover
7 myths about email security everyone should stop believing
Another reason to avoid edge-lit 4K TVs: they may fail faster than others, according to this report
