AMD Fixes TPM Vulnerability with AGESA 1.2.0.3e BIOS Update

AMD has rolled out new BIOS updates for most of its CPUs from the Zen+ through Zen 5 architectures to patch a security flaw that could allow attackers to read sensitive data stored within the Trusted Platform Module (TPM). The update, based on AGESA 1.2.0.3e firmware, covers all affected processors except AM4-based ones, including the Ryzen 500 and 400 series CPUs.

The bug, rated 6.6 (Medium) on the CVSS scale, can be exploited with standard user-mode privileges, so an attacker does not need kernel-level access. This is a significant departure from previous TPM-related vulnerabilities, which required kernel-level access to exploit.

Several motherboard partners, including Asus and MSI, have started rolling out BIOS updates based on the new firmware. The update fixes not only the TPM vulnerability but also adds support for a new Ryzen CPU, likely the upcoming Ryzen 9000F series processors.

However, users should note that installing the BIOS update is a one-way process: it is not possible to roll back to an older release afterwards. Users are advised to consult their motherboard vendor’s support page to see whether a new BIOS is available and to update accordingly.

It’s worth mentioning that some manufacturers may not be rolling out the update for AM4-based processors, as Techpowerup reported. AMD has confirmed that only AM5-based processors will receive the update.

Source: https://www.tomshardware.com/pc-components/cpus/amd-partners-roll-out-new-bios-updates-to-patch-tpm-vulnerability-error-with-amd-cpus-addressed-with-agesa-1-2-0-3e