AMD announced that Windows users should immediately update their operating systems because a dangerous vulnerability was discovered in one of the CPU drivers.
The vulnerability could be exploited to dump system memory and steal sensitive information from computers using AMD chips.
Vulnerability CVE-2021-26333 ανακαλύφθηκε από τον Κυριάκο Οικονόμου, συνιδρυτή της εταιρείας ασφαλείας ZeroPeril, και βρίσκεται στο πρόγραμμα οδήγησης (driver) του AMD Platform Security Processor (PSP), which is AMD's equivalent of Intel's SGX technology.
It is also known as trusted execution environment (TEE from trusted execution environment). AMD PSP creates safe pockets within them processors AMD που επιτρέπουν στο functional system to process sensitive information within a cryptographically secured memory.
To interact with the pockets, the Windows operating system uses a kernel driver called amdsps.sys.
But a publication by Oikonomou on Wednesday, revealed two problems in this driver that allow a non-administrator user to dump the system memory and search for sensitive information that the operating system handles.
So on Tuesday, as Microsoft released the standard updates via Patch Tuesday, AMD officially released the vulnerability, urging anyone interested to apply the updates they contained and the AMD Chipset Driver updates.
AMD recommends updating to AMD PSP driver 5.17.0.0 through Windows Update or by updating to AMD Chipset Driver 3.08.17.735.
The company said that the following products are affected by the vulnerability, and those who use them should inform immediately:
- AMD FX APU 6th generation with Radeon ™ R7 Graphics
- AMD A10 APU with Radeon R6 Graphics
- AMD A8 APU with Radeon R6 Graphics
- AMD A6 APU with Radeon R5 Graphics
- AMD A4-Series APU with Radeon Graphics
- AMD Athlon ™ X4 Processor
- AMD E1-Series APU with Radeon Graphics
- AMD Ryzen ™ 1000 series Processor