In cursory: Later finding several security flaws in Intel's System Guard Extensions (SGX), security researchers have now revealed a flaw in AMD's Platform Security Processor (PSP) chipset driver that makes it easy for attackers to steal sensitive data from Ryzen-powered systems. On the upside, there's already patches available from both Microsoft and AMD to shut the exploit.

Recently, AMD disclosed a vulnerability in the AMD Platform Security Processor (PSP) chipset driver that allows malicious actors to dump retention pages and exact sensitive data such equally passwords and storage decryption keys.

The flaw is tracked under CVE-2021-26333 and is considered medium severity. It affects a wide range of AMD-powered systems, with all Ryzen desktop, mobile, and workstation CPUs existence affected. Additionally, PCs equipped with a sixth and 7th generation AMD A-series APU or mod Athlon processors are vulnerable to the aforementioned attack.

Security researcher Kyriakos Economou over at ZeroPeril discovered the flaw back in April. His team tested a proof-of-concept exploit on several AMD systems and found it relatively easy to leak several gigabytes of uninitialized physical memory pages when logged in as a user with low privileges. At the same time, this attack method can bypass exploitation mitigations like kernel address space layout randomization (KASLR).

The good news is there are patches available for this flaw. I way to ensure yous get them is to download the latest AMD chipset drivers from TechSpot Drivers page or AMD's own website. The driver was released a calendar month ago, but at the fourth dimension AMD chose non to fully disclose the security fixes contained in the release.

Another way to ensure your system is patched against this consequence is to install Microsoft'due south latest Patch Tuesday update. Earlier you practise then, yet, proceed in mind that it will probable suspension network printing. For an in-depth read about the security flaw discovered past Kyriakos Economou, accept a wait hither.