HomeGame GuidesMicrosoft: Defender's hardware and firmware assessment helps you identify faulty AMD Zenbleed...

Microsoft: Defender’s hardware and firmware assessment helps you identify faulty AMD Zenbleed processors

Published on


Recently, we covered the Intel “Downfall” GDS security vulnerability that affects almost all slightly older Intel processors. Although the new generation chips were not affected, a buggy microcode update from Intel and its vendor partners led to “UNSUPPORTED_PROCESSOR” BSODs on Windows 11 and Windows 10 PCs and Microsoft rightly denied taking any blame for it.

Meanwhile, the Red Team’s opponents weren’t immune to problems either as researchers discovered a YMM-related vulnerability in Ryzen 3000, 4000, 5000, 7000 series chips called “Zenbleed.”

Microsoft published a Tech Community blog post today that describes how IT managers and system administrators can manage such vulnerable processors using a new Defender technology called “Hardware and Firmware Assessment” within Microsoft Defender Vulnerability Management.

In the sample image provided, Microsoft shows an AMD Carrizo A10-8700P APU unaffected by Zenbleed. Carrizo is based on the fourth generation Bulldozer microarchitecture known as Excavator.

Microsoft Explains:

Microsoft Defender vulnerability management Hardware and firmware evaluation The capability provides an inventory of known hardware and firmware in your organization. This allows you to identify devices with AMD processors that may be vulnerable to this vulnerability (these devices must be entered service).

To use this ability, you will need access Defender Vulnerability Management premium offer. You can do this by purchasing the expansion or stand-alone licenses or simply by joining the Free trial.

Defender hardware and firmware evaluation

In the section below, Microsoft showed how to identify vulnerable processors using the tool:

The following advanced hunting query provides a list of potentially vulnerable devices with AMD processors:

DeviceTvmHardwareFirmware

| when ComponentType == “CPU”

| where the manufacturer contains “amd”

AMD has already announced that firmware fixes that mitigate the Zenbleed vulnerability are on the way. You can bookmark this dedicated article we made to track when the relevant firmware will be available.



Latest articles

More like this