MSI Releases AGESA 1.2.0.Ca BIOS For AM4 Motherboards, Addresses AMD Zen 2 CPU Security Issues

MSI has rolled out a new AGESA 1.2.0.Ca BIOS for its AM4 motherboards which addresses a security flaw on AMD Zen 2 CPUs.

It's been a while since AMD's AM4 motherboards received a major BIOS update but it looks like the new one had to be rolled out since Zen 2 CPUs had been affected by a cross-process information leak issue. MSI is quick to address this and has rolled out its AGESA 1.2.0.Ca BIOS update which can be acquired here.

MSI releases new AM4 AGESA https://t.co/fqfpMb4P2K BIOS to fix CPU security issue.https://t.co/l0UKJmpxvNhttps://t.co/aEKj6bcDSS pic.twitter.com/bDlbDAI23G

— chi11eddog (@g01d3nm4ng0) May 2, 2024

Summary

Under specific microarchitectural circumstances, a register in “Zen 2” CPUs may not be written to 0 correctly. This may cause data from another process and/or thread to be stored in the YMM register, which may allow an attacker to potentially access sensitive information.

CVE Details

Mitigation

AMD recommends applying the µcode patch listed below for AMD EPYC 7002 Processors and applying BIOS updates that include the following AGESA firmware versions for other affected products. AMD plans to release to the Original Equipment Manufacturers (OEM) the AGESA versions on the target dates listed below. Please refer to your OEM for the BIOS update specific to your product.

DESKTOP

HIGH END DESKTOP (HEDT)

WORKSTATION