About this vulnerability
In certain cases, within the microarchitecture of "Zen 2" CPUs, a register may not be properly written to 0, potentially leading to the storage of data from another process or thread in the YMM register. This vulnerability could allow an attacker to access sensitive information. The severity is classified as "Medium" with the CVE identifier CVE-2023-20593. AMD suggests implementing a microcode patch for AMD EPYC™ 7002 Processors and applying BIOS updates with specific AGESA™ firmware versions for other impacted products to mitigate this issue. AMD intends to provide the AGESA™ versions to OEMs on scheduled dates for BIOS updates. Users are advised to consult their OEMs for the relevant BIOS update for their product.
Read more in AMD Security Bulletin
How Defender Vulnerability Management can assist
Microsoft Defender Vulnerability Management Hardware and firmware assessment capability provides an inventory of known hardware and firmware in your organization. This allows you to identify devices with AMD processors that are potentially exposed to this vulnerability (these devices must be onboarded to the service).
To use this capability, you’ll need access Defender Vulnerability Management premium offering. You can do that via purchasing the Add-on or Standalone licenses or by simply joining the free trial.
Identify affected devices.
The following Advanced Hunting query provides a list of the potentially vulnerable devices with AMD processors:
DeviceTvmHardwareFirmware
| where ComponentType == "Processor"
| where Manufacturer contains "amd"
Learn more
If you’re interested in learning more about Microsoft Defender Vulnerability Management visit our website to take advantage of our free 90-day trial, check out our interactive guide, and read more information in our product documentation.
As always, we’d love to know what you think.
Looking forward to your feedback. share your feedback directly at: mdvmfeedback@microsoft.com
