Some AMD Zen 2 CPUs are finally getting defenses against the Zenbleed security flaw – and it’s about time
Some AMD Zen 2 chips are still without a major security patch, but this appears to be finally happening, at least for those with MSI motherboards, which are now receiving a firmware update to patch against Zenbleed attacks.
This is a BIOS update included with AMD’s AM4 AGESA 1.2.0.Ca that provides fixes against Zenbleed. The CPUs in question are technically Zen 2 APUs – all-in-one chips with integrated graphics – from the Ryzen 4000 family (codenamed Renoir).
So if you’re using one of those Ryzen 4000 processors on an MSI motherboard with the AM4 chipset (last generation), you’ll want to pick up this firmware update.
It’s rolling out as we type, and Tom’s hardwarewho spotted this notes that it’s currently available for almost every MSI to achieve that.
The patched vulnerability is CVE-2023-20593, which is rated at a “medium” severity level, but can be used to “potentially access sensitive information” on your PC, which would undoubtedly not be good if this were to happen .
Analysis: Patching is taking a long time – and it’s still not completely over
What’s strange about this is how long it took for certain Zen 2 CPUs to get the necessary protection against this potential exploit. Defenses were implemented quite some time ago in previous AGESA updates from AMD for Ryzen 3000 CPUs and other Zen 2 chips.
With Ryzen 4000 variants of Zen 2 being tackled, this covers all the bases (except for certain Ryzen-embedded chips, which are a whole different kettle of silicon – and even then, the fix for that should probably come soon).
Mind you, even now that the new AGESA 1.2.0.Ca has been released for systems with Ryzen 4000 APUs, not every motherboard vendor has released this in a firmware update. Gigabyte in particular has yet to take steps on this front, at least based on feedback Reddit, but you would think the company should do that soon enough. There is certainly no reason to delay any further.