Hardware & Firmware Assessment to identify devices with AMD processors

This post has been republished via RSS; it originally appeared at: New blog articles in Microsoft Community Hub.

 

About this vulnerability

In certain cases, within the microarchitecture of "Zen 2" CPUs, a register may not be properly written to 0, potentially leading to the storage of data from another process or thread in the YMM register. This vulnerability could allow an attacker to access sensitive information. The severity is classified as "Medium" with the CVE identifier CVE-2023-20593. AMD suggests implementing a microcode patch for AMD EPYC™ 7002 Processors and applying BIOS updates with specific AGESA™ firmware versions for other impacted products to mitigate this issue. AMD intends to provide the AGESA™ versions to OEMs on scheduled dates for BIOS updates. Users are advised to consult their OEMs for the relevant BIOS update for their product.

Read more in AMD Security Bulletin

 

How Defender Vulnerability Management can assist

Microsoft Defender Vulnerability Management Hardware and firmware assessment capability provides an inventory of known hardware and firmware in your organization. This allows you to identify devices with AMD processors that are potentially exposed to this vulnerability (these devices must be onboarded to the service).

To use this capability, you’ll need access Defender Vulnerability Management premium offering. You can do that via purchasing the Add-on or Standalone licenses or by simply joining the free trial.

 

Tomer_Reisner_0-1692902615206.png

 

 

Identify affected devices.

The following Advanced Hunting query provides a list of the potentially vulnerable devices with AMD processors:

DeviceTvmHardwareFirmware

| where ComponentType == "Processor"

| where Manufacturer contains "amd"

 

Learn more

If you’re interested in learning more about Microsoft Defender Vulnerability Management visit our website to take advantage of our free 90-day trial, check out our interactive guide, and read more information in our product documentation.

 

As always, we’d love to know what you think.

Looking forward to your feedback. share your feedback directly at: mdvmfeedback@microsoft.com

 

Leave a Reply

Your email address will not be published. Required fields are marked *

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.