Tom’s Hardware is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more
By 17 September 2021
Apply this patch right away if you have an AMD CPU.
AMD has divulged details about a chipset driver vulnerability that can allow non-privileged users to read and dump some types of memory pages in Windows. This technique allows an attacker to steal passwords or enable other types of attacks, including circumventing standard KASLR exploitation (aka Spectre and Meltdown) mitigations (via TheRecord).
Word of the bug came as part of a coordinated disclosure with Kyriakos Economou, a security researcher and co-founder of ZeroPeril, who exploited the vulnerability to download several gigabytes of sensitive data from impacted AMD platforms — but as a non-admin user. AMD has prepared mitigations that can be downloaded either as part of its latest chipset drivers or by using Windows Update to update the AMD PSP driver (details of how to update are below).
AMD originally issued the patch several weeks ago, but without disclosing which vulnerabilities were addressed. This new disclosure answers those questions.
The security researcher first discovered the flaw with Ryzen 2000- and 3000-series platforms, but AMD initially listed only Ryzen 1000 and older chips in its advisory. The researcher noted the discrepancy in his report, and we followed up with AMD about the issue. AMD has since updated the page with a full list of impacted platforms that spans its entire modern consumer processor lineup as well as many older models (list below).
Economou attacked two separate issues with AMD’s amdsps.sys driver for its Platform Security Processor (PSP), an embedded chip that manages chip security. The vulnerability allowed the researcher to extract multiple gigabytes of uninitialized physical memory pages. The full report goes deeper into the details of the vulnerability (PDF alert), but this passage summarizes the end result:
“During our tests we managed to leak several gigabytes of uninitialized physical pages by allocating and freeing blocks of 100 allocations continuously until the system was not able to return a contiguous physical page buffer.
The contents of those physical pages varied from kernel objects and arbitrary pool addresses that can be used to circumvent exploitation mitigations such as KASLR, and even registry key mappings of RegistryMachineSAM containing NTLM hashes of user authentication credentials that can be used in subsequent attack stages.
For example, these can be used to steal credentials of a user with administrative privilege and/or be used in pass-the-hash style attacks to gain further access inside a network.”
AMD advises that impacted users update to AMD PSP driver 220.127.116.11 via Windows Update or to AMD Chipset Driver 3.08.17.735 (or newer in the future).
AMD’s chipset driver vulnerability disclosure comes on the heels of news that all of its processors suffer from a Meltdown-like vulnerability that will require specific software optimizations to patch. However, AMD leaves that to software vendors to implement, meaning many types of software could simply go unpatched.
AMD’s processors have gained a reputation for being more secure than Intel’s chips due to far fewer discovered vulnerabilities. However, as the smaller player with less overall x86 market share, it has long been opined that AMD’s processors simply haven’t been subject to as much poking and prodding from researchers. Now that AMD has taken a more significant portion of the market and continues to grow it is inevitable that researchers, and nefarious actors, will target the processors more frequently.
Here’s a guide on how to update your system and a comprehensive list of affected processors, which includes all Ryzen CPUs and Threadrippers, along with dozens of other models .
If you’re wondering whether you already have the mitigations in place to protect your PC, you need to check to see if your AMD PSP driver is version 18.104.22.168 or higher. To do that:
1. Open device manager. You can get there either by hitting Windows key + X and selecting it from the context menu.
2. Open Security devices.
3. Right click on AMD PSP Device and select properties.
4. Click the Driver tab.
5. Look at the Driver Version number. If it’s under 22.214.171.124 you need an update.
If you have one of the CPUS above, you’re running Windows and your AMD PSP driver is lower than 126.96.36.199, follow these instructions.
1. Navigate to AMD’s Drivers and Support Page.
2. Select the chipset for your motherboard from the menu and click Submit. For Ryzen processors, you’ll want to start by picking Chipsets->AMD Socket AM4 and then the chipset (ex: B550).
3. Click the Download button beneath “AMD Chipset Drivers.” A zip file will download.
4. Open the zip file, extract the installer and run it. Be patient, because the software can take a few minutes to detect what you have and appear to be frozen. Don’t click out of the window or, as per our experience, it may freeze.
5. Make sure AMD PSP Driver is checked and click Install.
Again, you will need to be patient as the system will take several minutes downloading and installing updates.
6. Click Restart when the process is completed.
Your computer will reboot and you should have the updated AMD PSP driver now.
Paul Alcorn is the Deputy Managing Editor for Tom’s Hardware US. He writes news and reviews on CPUs, storage and enterprise hardware.
Get instant access to breaking news, in-depth reviews and helpful tips.
Thank you for signing up to Tom’s Hardware. You will receive a verification email shortly.
There was a problem. Please refresh the page and try again.
Tom’s Hardware is part of Future US Inc, an international media group and leading digital publisher. Visit our corporate site.
© Future US, Inc. 11 West 42nd Street, 15th Floor, New York, NY 10036.