Well, one thing this topic prompted me to do was update the BIOS on my PowerSpec B685 tower PC. However, like EricB above, I’ll not lose any sleep over this for the same reasons, but I’d still feel better knowing that all the doors are locked. OEM communication skills leave something to be desired when consumer products and security are involved.
“This BIOS fixes the following problem of the previous version: – Update to AGESA ComboAm4v2PI 1.2.0.8.” The firmware is dated March 3 and came with a similar helpful readme /sarcasm: Like you, I just updated firmware to 1.2.0.8 on an MSI ACE X570 (a premium board). When issues such as this arise, I’m sure OEMs prioritize enterprise, workstation and business SKUs over general consumer and gamer SKUs which are less likely to be targeted, especially when the attack vector is local (hence the lower security threat). I haven’t a clue as to whether this means “Not Available” or “Not Applicable”. In it, AMD states “The AGESA versions listed below have been released to the Original Equipment Manufacturers (OEM) to mitigate these issues.” If you look under the “Mitigation” heading, you’ll see that 3000/5000 CPUs have “N/A” under them.
In response to CVE-2021-26346, on January 10 AMD published: AMD fixes vulnerabilities, but OEMs (ASUS, MSI, etc) must implement it for the mobos they produce and, as you’ve probably observed, OEMs aren’t particularly timely at doing so.
Since you have an X570 chipset, I’m assuming you have either a 3000 or 5000 series Ryzen processor (I have both).
0 kommentar(er)
