TECH NEWS – According to AMD’s information, a vulnerability divulges passwords to a non-administrative user.
Via the CPU, any user can access information that they can download via certain Windows memory pages. They can launch attacks, such as interrupting KASLR exploit mitigations, also known as Spectre and Meltdown. The vulnerability came to light via Kyriakos Economous, co-founder of ZeroPeril and a security researcher. Thanks to him, you can download the new AMD PSP driver (5.17.0.0) via Windows Update. (Or look for the AMD Chipset Driver version 3.08.17.735.)
Here’s a list of all the affected chipsets:
- 2nd Gen AMD Ryzen Mobile Processor with Radeon Graphics
- 2nd Gen AMD Ryzen Threadripper processor
- 3rd Gen AMD Ryzen™ Threadripper™ Processors
- 6th Generation AMD A-series CPU with Radeon™ Graphics
- 6th Generation AMD A-Series Mobile Processor
- 6th Generation AMD FX APU with Radeon™ R7 Graphics
- 7th Generation AMD A-Series APUs
- 7th Generation AMD A-Series Mobile Processor
- 7th Generation AMD E-Series Mobile Processor
- AMD A4-Series APU with Radeon Graphics
- AMD A6 APU with Radeon R5 Graphics
- AMD A8 APU with Radeon R6 Graphics
- AMD A10 APU with Radeon R6 Graphics
- AMD 3000 Series Mobile Processors with Radeon™ Graphics
- AMD Athlon 3000 Series Mobile Processors with Radeon™ Graphics
- AMD Athlon Mobile Processors with Radeon™ Graphics
- AMD Athlon X4 Processor
- AMD Athlon™ 3000 Series Mobile Processors with Radeon™ Graphics
- AMD Athlon™ X4 Processor
- AMD E1-Series APU with Radeon Graphics
- AMD Ryzen™ 1000 series Processor
- AMD Ryzen™ 2000 series Desktop Processor
- AMD Ryzen™ 2000 series Mobile Processor
- AMD Ryzen™ 3000 Series Desktop Processor
- AMD Ryzen™ 3000 series Mobile Processor with Radeon™ Graphics
- AMD Ryzen™ 3000 series Mobile Processor
- AMD Ryzen™ 4000 Series Desktop Processor with Radeon™ Graphics
- AMD Ryzen™ 5000 Series Desktop Processor
- AMD Ryzen™ 5000 Series Desktop Processor with Radeon™ Graphics
- AMD Ryzen™ 5000 Series Mobile Processors with Radeon™ Graphics
- AMD Ryzen™ Threadripper™ PRO Processor
- AMD Ryzen™ Threadripper™ Processor Ryzen Threadripper Processor
AMD’s current driver update has been active for several weeks, but AMD explained just now the details. Economou explained the process in a recently released report: „During our tests, we managed to leak several gigabytes of uninitialized physical pages by allocating and freeing blocks of 100 allocations continuously until the system was not able to return a contiguous physical page buffer. The contents of those physical pages varied from kernel objects and arbitrary pool addresses that can be used to circumvent exploitation mitigations such as KASLR and even registry key mappings of \Registry\Machine\SAM containing NTLM hashes of user authentication credentials that can be used in subsequent attack stages. For example, these can be used to steal credentials of a user with administrative privilege and/or be used in pass-the-hash style attacks to gain further access inside a network.”
Economou initially discovered the exploit utilizing the 2000 and 3000 series Ryzen CPU, and AMD originally listed only the Ryzen 1000 series and older generations of CPUs in its internal advisories. The report shows that Economou targeted two separate sections of the AMD amdsps.sys driver, which the Platform Security Processor (PSP) utilized. It is “an embedded chip that manages chip security.” And due to the vulnerability, Economou could get all those “uninitialized physical memory pages.”
This is the downside of AMD gaining market share. It also applies to another exploit found in their GPUs’ memory sections, opening the door for further attacks. If your AMD PSP driver is below 5.17.0.0, then head over to the AMD Drivers and Support Page, locate your chipset model for your motherboard from the menu and click the “Submit” button. Underneath where it says “AMD Chipset Drivers,” click the “Download” button to download the .zip file for your particular model. Once downloaded, open the .zip file, extracting the installer file. Activate the installer. Once activated, your system will determine the chipset that you are using in your system. This process does take several minutes, so it is advised to be patient until it has located the information it needs. Ensuring that the AMD PSP Driver is selected, click Install. After several minutes, click “Restart” once the file is installed to finalize the process.
This isn’t a joke.
Source: WCCFTech
Leave a Reply