Get all your news in one place.
100’s of premium titles.
One app.
Start reading
TechRadar
TechRadar
Darren Allan

Some AMD Zen 2 CPUs finally get defenses against Zenbleed security flaw – and it’s about time

MSI X570 motherboards.

Some AMD Zen 2 chips have still not had an important security patch, but this appears to be finally happening, at least for those with MSI motherboards, who are now receiving a firmware update to patch against Zenbleed attacks.

This is a BIOS update which comes with AMD’s AM4 AGESA 1.2.0.Ca that packs mitigations against Zenbleed. The CPUs in question are actually technically Zen 2 APUs – all-in-one chips with integrated graphics – from the Ryzen 4000 family (codenamed Renoir).

So, if you’re running one of those Ryzen 4000 processors in an MSI motherboard with the AM4 (last-gen) chipset, you’ll want to pick up this firmware update.

It’s rolling out as we type, and Tom’s Hardware, which spotted this, observes it’s available for almost every MSI X570 motherboard at this point, and it’s being delivered to B550 along with other 500 and 400 series boards too – but it may take longer to reach those.

The vulnerability patched is CVE-2023-20593 which is rated with a “medium” level of severity, but it can be leveraged to “potentially access sensitive information” on your PC, which wouldn’t be good if it happened, doubtless.


Analysis: A long haul for patching – and it’s still not quite over

The weird thing about this is how long it has taken for certain Zen 2 CPUs to get the necessary protection from this potential exploit. Defenses were implemented in previous AGESA updates from AMD for Ryzen 3000 CPUs, and other Zen 2 chips besides, quite some time ago.

With Ryzen 4000 variants of Zen 2 now being addressed, that covers all bases (except for certain Ryzen embedded chips, which are quite a different kettle of silicon – and even then, the fix for those is supposedly due imminently).

Mind you, even with the new AGESA 1.2.0.Ca released for systems with Ryzen 4000 APUs, not every motherboard vendor has pushed this out in a firmware update yet. Notably Gigabyte is still yet to move on this front, at least going by feedback on Reddit, but the firm should do soon enough, you’d imagine. There’s certainly no reason to delay any further.

You might also like

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.