Jump to content
Login new information ×
Login new information
  • Security & Privacy News

    Microsoft: Defender Hardware & Firmware assessment helps you ID flawed AMD Zenbleed CPUs

    Karlston

    By Karlston,
    Published Date:

    • 586 views
    • 2 minutes
     Share
    • 586 views
    • 2 minutes

    Recently, we covered the Intel "Downfall" GDS security vulnerability that affects almost all of the slightly older Intel processors. Although the newer generation chips were unaffected by that, a buggy microcode update from Intel and its vendor partners' side led to a "UNSUPPORTED_PROCESSOR" BSODs on Windows 11 and Windows 10 PCs and Microsoft rightfully denied taking any blame for that.

     

    Meanwhile, Red Team rivals have not been immune to issues either as researchers discovered a YMM register-related vulnerability in Ryzen 3000, 4000, 5000, 7000 series chips called "Zenbleed".

     

    Microsoft has published a Tech Community blog post today describing how IT admins and system admins can manage such vulnerable processors using a new Defender technology called "Hardware and Firmware Assessment" inside Microsoft Defender Vulnerability Management.

     

    In the example image provided though, Microsoft shows an AMD Carrizo A10-8700P APU which is not affected by Zenbleed. Carrizo is based on the fourth-gen Bulldozer micro-architecture known as Excavator.

     

    Microsoft explains:

     

    Microsoft Defender Vulnerability Management Hardware and firmware assessment capability provides an inventory of known hardware and firmware in your organization. This allows you to identify devices with AMD processors that are potentially exposed to this vulnerability (these devices must be onboarded to the service).

     

    To use this capability, you’ll need access Defender Vulnerability Management premium offering. You can do that via purchasing the Add-on or Standalone licenses or by simply joining the free trial.

     

    1694417610_defender_firmware_hardware_vu

     

    In a section under that, Microsoft has shown how to identify vulnerable processors using the tool:

     

    The following Advanced Hunting query provides a list of the potentially vulnerable devices with AMD processors:

     

    DeviceTvmHardwareFirmware

     

    | where ComponentType == "Processor"

     

    | where Manufacturer contains "amd"

     

    AMD has already announced that firmware patches that mitigate the Zenbleed vulnerability are on their way. You can bookmark this dedicated article we did to keep track of when the applicable firmware will be available.

     

    Source

     Share
    Go to news

    User Feedback

    Recommended Comments

    There are no comments to display.



    Join the conversation

    You can post now and register later. If you have an account, sign in now to post with your account.
    Note: Your post will require moderator approval before it will be visible.

    Guest
    Add a comment...

    ×   Pasted as rich text.   Paste as plain text instead

      Only 75 emoji are allowed.

    ×   Your link has been automatically embedded.   Display as a link instead

    ×   Your previous content has been restored.   Clear editor

    ×   You cannot paste images directly. Upload or insert images from URL.

    ×

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...