Hardware & Firmware Assessment to ID flawed AMD Zenbleed CPUs


  • Staff

About this vulnerability

In certain cases, within the microarchitecture of "Zen 2" CPUs, a register may not be properly written to 0, potentially leading to the storage of data from another process or thread in the YMM register. This vulnerability could allow an attacker to access sensitive information. The severity is classified as "Medium" with the CVE identifier CVE-2023-20593. AMD suggests implementing a microcode patch for AMD EPYC™ 7002 Processors and applying BIOS updates with specific AGESA™ firmware versions for other impacted products to mitigate this issue. AMD intends to provide the AGESA™ versions to OEMs on scheduled dates for BIOS updates. Users are advised to consult their OEMs for the relevant BIOS update for their product.

Read more in AMD Security Bulletin

How Defender Vulnerability Management can assist

Microsoft Defender Vulnerability Management Hardware and firmware assessment capability provides an inventory of known hardware and firmware in your organization. This allows you to identify devices with AMD processors that are potentially exposed to this vulnerability (these devices must be onboarded to the service).

To use this capability, you’ll need access Defender Vulnerability Management premium offering. You can do that via purchasing the Add-on or Standalone licenses or by simply joining the free trial.

large


Identify affected devices.

The following Advanced Hunting query provides a list of the potentially vulnerable devices with AMD processors:

DeviceTvmHardwareFirmware
| where ComponentType == "Processor"
| where Manufacturer contains "amd"

Learn more

If you’re interested in learning more about Microsoft Defender Vulnerability Management visit our website to take advantage of our free 90-day trial, check out our interactive guide, and read more information in our product documentation.

As always, we’d love to know what you think.

Looking forward to your feedback. share your feedback directly at: mdvmfeedback@microsoft.com
Click to expand...

Source:
techcommunity.microsoft.com

Hardware & Firmware Assessment to identify devices with AMD processors

Microsoft Defender Vulnerability Management capabilities can be used to identify devices in your organization affected by recently published AMD microcode..
techcommunity.microsoft.com
 

Attachments

  • Windows_Security.png
    Windows_Security.png
    6 KB · Views: 1
Click to expand...
You must log in or register to reply here.

Similar threads

  • Article
Microsoft FAQ and guidance for XZ Utils backdoor vulnerability in Linux distributions
Replies
0
Views
477
Brink
Brink
  • Article
AMD Note About Potential Speculative Return Stack Overflow (SRSO) Vulnerability
Replies
0
Views
288
Brink
Brink
  • Article
AMD Zen 2 CPUs vulnerable to ZenBleed data leak bug
Replies
18
Views
1K
maffle
M
  • Article
Surface Laptop 3 with Intel drivers and firmware for Windows 10 and Windows 11 - March 1
Replies
0
Views
349
Brink
Brink
  • Article
CES 2024: New AMD Ryzen 5000, 8000G, 8040 Series Mobile and Desktop Processors
Replies
0
Views
688
Brink
Brink

Latest Support Threads

Latest Tutorials

Back
Top Bottom