A new Ryzen Chipset Driver update was released yesterday, version 3.08.17.735, that patches “critical security flaws” in the Platform Security Processor driver. AMD has not revealed the exact details of the security flaws that were patched, but we presume they could be related to a couple of current AMD flaws.
Right now, AMD has two vulnerabilities affecting all Ryzen based CPUs listed on AMD’s website. One of these includes a Speculative code store bypass and floating-point value injection vulnerability, which can cause Ryzen CPUs to leak data when processing overwritten instructions when the CPU processes incorrect floating point numbers. The second vulnerability also relates to data leakage, called the Transient Execution of Non-canonical Accesses. This vulnerability can allow data leakage when the CPU executes a non-canonical load and stores those numbers with just 48 address bits or lower.
We’re not completely sure these are the flaws AMD’s new PSP driver has fixed. But either way, it would be best to update your Ryzen chipset drivers to this new version to insure you aren’t exposed to unknown vulnerabilities. Especially when AMD classifies these security flaws as “critical.”
You can download the latest driver here.