Blog Post

Microsoft Defender Vulnerability Management Blog
2 MIN READ

Hardware & Firmware Assessment to identify devices with AMD processors

Tomer_Reisner's avatar
Tomer_Reisner
Former Employee
Sep 08, 2023

 

About this vulnerability

In certain cases, within the microarchitecture of "Zen 2" CPUs, a register may not be properly written to 0, potentially leading to the storage of data from another process or thread in the YMM register. This vulnerability could allow an attacker to access sensitive information. The severity is classified as "Medium" with the CVE identifier CVE-2023-20593. AMD suggests implementing a microcode patch for AMD EPYC™ 7002 Processors and applying BIOS updates with specific AGESA™ firmware versions for other impacted products to mitigate this issue. AMD intends to provide the AGESA™ versions to OEMs on scheduled dates for BIOS updates. Users are advised to consult their OEMs for the relevant BIOS update for their product.

Read more in https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7008.html

 

How Defender Vulnerability Management can assist

Microsoft Defender Vulnerability Management https://learn.microsoft.com/en-us/microsoft-365/security/defender-vulnerability-management/tvm-hardware-and-firmware?view=o365-worldwide capability provides an inventory of known hardware and firmware in your organization. This allows you to identify devices with AMD processors that are potentially exposed to this vulnerability (these devices must be https://learn.microsoft.com/en-us/microsoft-365/security/defender-vulnerability-management/mdvm-onboard-devices?view=o365-worldwide).

To use this capability, you’ll need access https://learn.microsoft.com/en-us/microsoft-365/security/defender-vulnerability-management/defender-vulnerability-management-capabilities?view=o365-worldwide. You can do that via purchasing the Add-on or Standalone licenses or by simply joining the https://learn.microsoft.com/en-us/microsoft-365/security/defender-vulnerability-management/defender-vulnerability-management-trial?view=o365-worldwide.

 

 

 

Identify affected devices.

The following Advanced Hunting query provides a list of the potentially vulnerable devices with AMD processors:

DeviceTvmHardwareFirmware

| where ComponentType == "Processor"

| where Manufacturer contains "amd"

 

Learn more

If you’re interested in learning more about Microsoft Defender Vulnerability Management https://www.microsoft.com/en-us/security/business/threat-protection/microsoft-defender-vulnerability-management to take advantage of our free 90-day trial, check out our https://aka.ms/mdvmguide, and read more information in our https://learn.microsoft.com/en-us/microsoft-365/security/defender-vulnerability-management/defender-vulnerability-management?view=o365-worldwide.

 

As always, we’d love to know what you think.

Looking forward to your feedback. share your feedback directly at: mailto:mdvmfeedback@microsoft.com

 

Updated Sep 08, 2023
Version 1.0

14 Comments

Sort By
Show More
  • suresh164's avatar
    suresh164
    Copper Contributor
    Oct 14, 2023

    To assess devices with AMD processors, you can follow a systematic approach that involves both hardware and firmware examination. Here are the steps you can take:

    Hardware Assessment:

    1. Physical Inspection: Begin by physically inspecting the devices. Check for any labels or markings that indicate the presence of an AMD processor. This might include stickers on the device or information in the user manual.

    2. System Information:

      • On Windows:
        • Press Win + Pause/Break or right-click "This PC" and select "Properties" to access the System Information.
      • On Linux:
        • Open a terminal and use the or command to gather system information.
      • On macOS:
        • Go to the Apple menu, select "About This Mac," and then click on "System Reporthttps://www.thevaluecreators.org/"

    3. BIOS/UEFI Settings:

      • Restart the device and enter the BIOS/UEFI settings. Typically, this involves pressing a key like F2 or Del during startup. Check the system information in the BIOS/UEFI for processor details.

    Firmware Assessment:

    1. Firmware Information:

      • Check the firmware information stored in the BIOS/UEFI settings. This information might include details about the processor and its manufacturer.

    2. System Management Mode (SMM) Code:

      • Examine the system for any software or code that specifically interacts with the processor. In some cases, you might find references to AMD or its microcode in the SMM code.

    3. Firmware Updates:

      • Visit the device manufacturer's website to check for firmware updates. The release notes or documentation for these updates may mention the type of processors supported, including AMD processors.

    4. System Logs:

      • Check system logs for any firmware-related messages or information about the processor. Logs might be available in the event viewer on Windows, syslog on Linux, or console logs on macOS.

    5. CPU Microcode Version:

      • Use system utilities to inspect the CPU microcode version. You can do this through tools like CPU-Z or by running specific commands in the operating systemhttps://newstoday360.com

    Remember that the exact steps and tools may vary depending on the device's operating system and firmware. Additionally, keep in mind that not all AMD processors may be clearly labelled in the firmware or hardware, so a combination of these steps is usually necessary to accurately identify the processor type.

  • mahekhan's avatar
    mahekhan
    Copper Contributor
    Oct 12, 2023

    A "Hardware & Firmware Assessment for AMD Processors" is a meticulous inspection of computer systems to distinguish those equipped with AMD processors from alternatives like Intel. This assessment covers both hardware and firmware components.

    The process includes:

    1. Hardware Identification: Physically inspecting systems and using software tools to confirm AMD processors.

    2. Firmware Analysis: Checking BIOS/UEFI settings, microcode updates, and patches for accurate identification.

    3. Software-Based Assessment: Using remote software to scan and identify processor types.

    4. Documentation Review: Cross-referencing system records to verify processor types.

    The outcome is a comprehensive report detailing all AMD-equipped devices, aiding organizations in managing hardware inventory, optimizing performance, and planning updateshttps://www.redway-tech.com/high-voltage-energy-storage-battery/

  • mahekhan's avatar
    mahekhan
    Copper Contributor
    Oct 12, 2023

    A "Hardware & Firmware Assessment for AMD Processors" entails a comprehensive examination of computer systems to distinguish those housing AMD processors from other brands like Intel. This assessment covers both hardware and firmware components. Key steps involve physically inspecting systems, utilizing software tools for processor identification, examining BIOS or UEFI firmware settings, and cross-referencing with documentation. A comprehensive report is generated, detailing all devices with AMD processorshttps://www.redway-tech.com/high-voltage-energy-storage-battery/ their specifications, and relevant firmware data. This assessment aids organizations in efficient hardware inventory management, planning processor-specific updates, and optimizing system performance based on the processors in use, ensuring smooth operations.

  • ItsBhatti's avatar
    ItsBhatti
    Iron Contributor
    Sep 08, 2023

    A "Hardware & Firmware Assessment to identify devices with AMD processors" involves a thorough examination of computer systems to determine which ones are equipped with AMD processors, as opposed to processors from other manufacturers such as Intel. This assessment typically includes a review of both hardware and firmware components.

    The assessment may encompass the following steps:

    1. Hardware Identification:

      • Physically inspecting the computer systems or servers to identify the type of processor installed.
      • Utilizing software tools or system utilities to retrieve processor information and confirm the presence of AMD processors.

    2. Firmware Analysis:

      • Checking the BIOS or UEFI firmware settings and version information to identify AMD processors.
      • Verifying the microcode updates and patches applied to ensure accurate processor identification.

    3. Software-Based Assessment:

      • Using software utilities or scripts that can scan and identify the processor type across multiple devices remotely.

    4. Documentation Review:

      • Examining system documentation, purchase records, or invoices to cross-verify the processor type against the hardware.

    5. Reporting:

      • Compiling a comprehensive report detailing all devices with AMD processors, including their specifications and any relevant firmware detailshttps://newstoday360.com/

    By conducting this assessment, organizations can effectively manage their hardware inventory, plan for processor-specific updates or optimizations, and ensure that their systems are running efficiently based on the type of processors in use.