Own an AMD Ryzen CPU? Download the latest chipset drivers for 'critical security fixes'

[The_King]

Content source

https://www.pcgamer.com/uk/own-an-amd-ryzen-cpu-download-the-latest-chipset-drivers-for-critical-security-fixes/

Despite the vague release notes, Ryzen (including Threadripper) owners should install this driver.

If you own an AMD Ryzen processor, heads up there is a new chipset driver package available that covers nearly a dozen platforms. The release notes aren't all that detailed, but AMD does at least make clear that it contains "critical security fixes" for its Platform Security Processor (PSP) technology.

This refers to specialized hardware AMD has been integrating into its processors for about the past eight years, including its most recent Ryzen chips. Also referred to as AMD Security Technology, it consists of an Arm-based coprocessor with similar capabilities to Intel's Management Engine (IME). Both handle various low-level functions.

A point of criticism about these technologies is that AMD and Intel largely keep their inner workings a secret, presumably to make it more difficult for hackers to root out and exploit any vulnerabilities with such deep access to the CPU and its subsystems. There have been efforts to learn more about them, like the PSPTool that Joel Hruska at ExtremeTech wrote about a couple of years ago.


Suffice to say, if AMD rolls out an update to patch critical security flaws within its PSP, you should get it (presuming you own an AMD system). As our friends at Tom's Hardware note, this could potentially refer to one or both vulnerabilities AMD mentions on its product security portal, that affect all Ryzen chips.

One of them is titled Speculative code store bypass and floating-point value injection, which if exploited, could leak data that is supposed to be kept away from prying eyes. The other is Transient execution of non-canonical accesses, another flaw that could result in unwanted data leakage.

To be clear, AMD does not mention these specific vulnerabilities in its release notes, so it's possible that the security fixes are entirely unrelated. Even if that is the case, however, whatever exploit the chipset driver targets is deemed "critical," so you'd still be wise to grab the update package.

The new chipset driver (version 3.08.17.735) also updates AMD's MicroPEP driver with some bug fixes. This assists with managing transitions between power states and clock speeds.

Multiple users on Reddit claim to have already received the same updated PSP driver in this chipset package, from Windows Update. Still, it doesn't hurt to install AMD's chipset driver package, though you may wish to uninstall your current chipset driver first.

"In most cases, the simple process of installing or upgrading the AMD Ryzen chipset drivers can be completed without issues. However, if there have been recent changes to your system hardware configuration or the currently installed chipset drivers are extremely outdated, then it is recommended to uninstall the existing chipset drivers before installing the new package," AMD says. "Performing the uninstall ensures a clean system and can help reduce issues or conflicts which may occur with the new installation."

You can refer to AMD's how-to guide on how best to go about this (in short, you'll want to go into the Control Panel and uninstall through the Windows Programs and Features page).

As to the supported chipsets. AMD's list includes WRX80 and TRX40 for Threadripper processors, and X570, B550, A520, X399, X470, B450, X370, B350, and A320 for mainstream Ryzen CPUs.