The security researchers first discovered the flaw with Ryzen 2000- and 3000-series platforms, while AMD initially only listed Ryzen 1000 and older processors in its advisory.
Tom’s Hardware raised the discrepancy, noted by the researchers in their report as well, and AMD has since updated its advisory to suggest that the issue affects its entire modern consumer processor lineup as well as several older models.
We're looking at how our readers use VPNs with streaming sites like Netflix so we can improve our content and offer better advice. This survey won't take more than 60 seconds of your time, and we'd hugely appreciate if you'd share your experiences with us.
- Protect your devices with these best antivirus software
- Here's our choice of the best malware removal software on the market
- These are the best ransomware protection tools
Tracked as CVE-2021-26333 the vulnerability resides in the driver for AMD Platform Security Processor (PSP), which helps enable the operating system to process sensitive information inside cryptographically-secured portions of memory.
According to The Record, Windows relies on the amdsps.sys driver to make use of the PSP feature. The researchers were able to compromise this driver to download several gigabytes of sensitive data as a non-admin user.
Additionally, parsing through the detailed report, Tom’s Hardware notes that the researchers argue that the data obtained from exploiting the vulnerability could help attackers circumvent mitigations for exploits such as Spectre and Meltdown.
Interestingly, AMD had reportedly already issued the patch several weeks ago, without sharing details about the issue until now.
- These are the best endpoint protection tools
Via Tom’s Hardware
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
With almost two decades of writing and reporting on Linux, Mayank Sharma would like everyone to think he’s TechRadar Pro’s expert on the topic. Of course, he’s just as interested in other computing topics, particularly cybersecurity, cloud, containers, and coding.