News AMD Chipset Vulnerability Leaks Passwords, Patch Available

Wolfshadw

Titan
Moderator
Didn't see in the article where to check for your version of the AMD PSP Driver, so I found it under Device Manager --> Security Devices --> AMD PSP 3.0 Device.

H4bQzSJ.jpg


I'm running a Ryzen 5 2600 on a B450 chipset.

-Wolf sends
 

dehjomz

Distinguished
Dec 31, 2007
70
48
18,560
Ouch. Glad they fixed the problem but that’s a pretty severe bug for admin access to be granted to a non-admin user. So much for Intel being the x86 vendor with security problems…
 

Makaveli

Splendid
Seems THG is reporting this late?

I'm already on this based on the previous chipset driver.




They just released a newer version last week that has windows 11 support.

version 3.09.01.140
 

InvalidError

Titan
Moderator
Ouch. Glad they fixed the problem but that’s a pretty severe bug for admin access to be granted to a non-admin user. So much for Intel being the x86 vendor with security problems…
AMD likely has every bit as many security issues. Most of the flaws found in AMD CPUs were simply researchers checking whether AMD CPUs were vulnerable to the same or similar things Intel CPUs were after finding a new class of flaws on Intel chips, often finding out that ARM and other CPUs are also vulnerable to similar things.

With AMD gaining more market share, you can expect more researchers to focus on AMD first and find more AMD-specific flaws.
 

Makaveli

Splendid
One more time...

Why does my General Tab show "No Driver Installed"? Tom's example shows "This device is working properly".
Please reread my question.

Really dude come on.

My General Tab also doesn't show any info because you need to click on the driver tab.

one more time reread the response that was given to you.

 

PaulAlcorn

Managing Editor: News and Emerging Technology
Editor
Feb 24, 2015
858
315
19,360
Seems THG is reporting this late?

I'm already on this based on the previous chipset driver.




They just released a newer version last week that has windows 11 support.

version 3.09.01.140

I think it would be more appropriate to say that AMD is reporting this late. They issued patches but did not disclose the nature of the vulnerability until this week.
 

InvalidError

Titan
Moderator
Why does my General Tab show "No Driver Installed"? Tom's example shows "This device is working properly".
Then go to the driver tab, click "Update drivers" and hope Windows finds something. It automatically installed drivers when I installed a BIOS update that fixed some TPM-related issues ahead of Windows 11, wasn't getting recognized before then.
 
Really dude come on.

My General Tab also doesn't show any info because you need to click on the driver tab.

one more time reread the response that was given to you.

I know that!
That's not what I am asking!
I know the Driver Tab shows the Driver Version.
My Driver Tab also shows the Driver Version.
You just displayed it yourself that the General Tab shows "This Device is working properly"
Mine does not show that.
Is that clear enough?
And your General Tab shows a PSP 11.0 Device whereas mine shows a PSP 3.0 Device.
 

Makaveli

Splendid
I think it would be more appropriate to say that AMD is reporting this late. They issued patches but did not disclose the nature of the vulnerability until this week.

I guess so because i've seen a few other sites reporting this today and I was like I installed a driver for this in August so I was doing alot of head scatching.

I know that!
That's not what I am asking!
I know the Driver Tab shows the Driver Version.
My Driver Tab also shows the Driver Version.
You just displayed it yourself that the General Tab shows "This Device is working properly"
Mine does not show that.
Is that clear enough?
And your General Tab shows a PSP 11.0 Device whereas mine shows a PSP 3.0 Device.

"Granted I am running a one year old BIOS (1407). "

Update your bios dude. I'm on 4021 that bios 1407 was released on 2020/04/10
 
Last edited:
I guess so because i've seen a few other sites reporting this today and I was like I installed a driver for this in August so I was doing alot of head scatching.



How recent is the bios that you are using on that asus board?

As I said, I am using 1407.
The current release is 4021.
I usually don't make it a habit to change my BIOS unless there is pressing need to do so. If it ain't broke - don't fix it.
That's been my philosophy for 30+ years in the business.
I will probably flash a more recent one when I upgrade my CPU from 2700X to 3700X or higher. In fact I will have to.
For now it's working fine so I will stick with what I have.
 

Makaveli

Splendid
As I said, I am using 1407.
The current release is 4021.
I usually don't make it a habit to change my BIOS unless there is pressing need to do so. If it ain't broke - don't fix it.
That's been my philosophy for 30+ years in the business.
I will probably flash a more recent one when I upgrade my CPU from 2700X to 3700X or higher. In fact I will have to.
For now it's working fine so I will stick with what I have.

Understood but the difference in our bios is most likely why you see a difference on your x570 board. And why not go straight to Zen 3 for your upgrade instead of going to zen 2?
 
Last edited:
Understood but the difference in our bios is most likely why you see a difference on your x570 board. And why not go straight to Zen 3 for your upgrade instead of going to zen 2?
Because I have only had the 2700X for 18 months and I don't have the money for either Zen2 or Zen3.
Thanks for the thoughts man.
Appreciated.
 

waltc3

Reputable
Aug 4, 2019
420
223
5,060
AMD Ryzen CPUs are indeed far, far less vulnerable than Intel's latest to date--they require a tiny fraction of the firmware and OS microcode patches of current Intel CPUs. No bias here--just fact. Hopefully when Intel decides to ship Alder's Lake most of those will have been resolved. It seems like people start repeating the same old "vulnerabilities" for Ryzen/Epyc in order to create the appearance of AMD vulnerabilities that aren't actually there...I've seen this story twice now on Tom's. So, Caveat Emptor...;)
 

InvalidError

Titan
Moderator
AMD Ryzen CPUs are indeed far, far less vulnerable than Intel's latest to date--they require a tiny fraction of the firmware and OS microcode patches of current Intel CPUs.
If you are truly unbiased, then you also have to acknowledge that practically all blockbuster Intel flaws have next to no practical application in the real-world. The fixes are only relevant to places that need ultra-secure servers where even a remote chance of known potential exploit getting used no matter how low the chance of success before getting detected might be isn't an option.