• Welcome to TechPowerUp Forums, Guest! Please check out our forum guidelines for info related to our community.

Windows 10 SMM Mitigations (Firmware Protection) missing for Ryzen 3000?

Yagma

New Member
Joined
Feb 11, 2020
Messages
6 (0.03/day)
I notice there is no Firmware Protection option available for Ryzen 3000 processors, or at least, not mine, and not with my motherboard. This increases attack surface area for SMM exploitation...

Why is it not available?
 
Joined
Dec 16, 2017
Messages
964 (1.00/day)
Location
Buenos Aires, Argentina
System Name System V
Processor AMD Ryzen 5 3600
Motherboard Asus Prime X570-P
Cooling AMD Wraith Stealth // a bunch of 120 mm Xigmatek 1500 RPM fans (2 ins, 3 outs)
Memory 2x8GB Ballistix Sport LT 3200 MHz (BLS8G4D32AESCK.M8FE) (CL16-18-18-36)
Video Card(s) Gigabyte AORUS Radeon RX 580 8 GB
Storage SHFS37A240G / DT01ACA200 / WD20EZRX / MKNSSDTR256GB-3DL / LG BH16NS40
Display(s) LG 22MP55 IPS Display
Case NZXT Source 210
Audio Device(s) Logitech G430 Headset
Power Supply Corsair CX650M
Mouse Microsoft Trackball Optical 1.0
Keyboard HP Vectra VE keyboard (Part # D4950-63004)
Software Windows 10
Benchmark Scores Corona 1.3: 3120620 r/s Cinebench R20: 3355 FireStrike: 12490 TimeSpy: 4624
Please either fill the system specs page https://www.techpowerup.com/forums/account/specs

or post the specs here in the thread so that we can know the hardware you're dealing with.

But, apparently you have to meet a lot of requirements for Firmware Protection?

This MS article seems to be related to your issue, although I'd feel more confident if some more experienced people and specially someone with actual experience on this particular kind of thing could confirm it.

 

Yagma

New Member
Joined
Feb 11, 2020
Messages
6 (0.03/day)
Yes I have read this a few times but I don't know how to detect which of these the UEFI/OEM provides and which it does not... or if windows 10 is even capable of utilizing the latest technologies offered by AMD.

I am using an Asus TUF x570 Gaming Plus, Ryzen 3600, and Windows 10 2004.

smm.png
 
Joined
Aug 29, 2005
Messages
5,444 (1.00/day)
Location
Whatever my internet protocol shows I guess O.o
System Name Lynni The Great White Dragon in Zen Glass
Processor AMD Ryzen 9 3900X "ZEN2"
Motherboard MSI B450 Gaming Pro Carbono AC
Cooling Fractal Design Celsius S24
Memory Geil Dragon 4x8GB@3000mhz 15-17-17-35 (GWW416GB3000C15DC)
Video Card(s) Sapphire Radeon RX 5700 XT Pulse 8GB OC / Sapphire Radeon RX 590 Nitro+ Special Edition 8GB
Storage OS/Games:Samsung 970 EVO 500GB NVME|Samsung EVO 850 1TB SSD|Data:2xWD 4TB, 1xWD 10TB & WD 1TB
Display(s) Asus XG27UQ 4K | LG 55UK6100PLB IPS 4K HDR
Case Cougar Conquer "HaYaBuZa style"
Audio Device(s) Audio-Technica ATH-A550Z @ Creative Sound Blaster Z (Retail)
Power Supply Seasonic Prime 1200 watt 80Plus Platinum
Mouse Logitech G305 Lightspeedy Wireless
Keyboard Razer Blackwidow Chroma X UK
Software Win10 Pro UK x64
Benchmark Scores Time Spy: https://www.3dmark.com/3dm/33868867?
If my memory is correct I read back when this was discovered it was only AMD APU's that had this flaw but I am not sure if it's also the whole Ryzen series.
 
Joined
Dec 16, 2017
Messages
964 (1.00/day)
Location
Buenos Aires, Argentina
System Name System V
Processor AMD Ryzen 5 3600
Motherboard Asus Prime X570-P
Cooling AMD Wraith Stealth // a bunch of 120 mm Xigmatek 1500 RPM fans (2 ins, 3 outs)
Memory 2x8GB Ballistix Sport LT 3200 MHz (BLS8G4D32AESCK.M8FE) (CL16-18-18-36)
Video Card(s) Gigabyte AORUS Radeon RX 580 8 GB
Storage SHFS37A240G / DT01ACA200 / WD20EZRX / MKNSSDTR256GB-3DL / LG BH16NS40
Display(s) LG 22MP55 IPS Display
Case NZXT Source 210
Audio Device(s) Logitech G430 Headset
Power Supply Corsair CX650M
Mouse Microsoft Trackball Optical 1.0
Keyboard HP Vectra VE keyboard (Part # D4950-63004)
Software Windows 10
Benchmark Scores Corona 1.3: 3120620 r/s Cinebench R20: 3355 FireStrike: 12490 TimeSpy: 4624
Did a few quick searches over Reddit and Microsoft's Github for their documentation and it seems that you need to comply with all the requirements listed in the MS document I posted before (including a TPM 2.0 module, which isn't something common), for starters, and even so, this feature is only available on Windows 10 Enterprise running on 8th gen Intel vPro systems and later and some ARM systems. Not AMD.

On top of that, it seems that it can get very picky even on devices that were certified for this.

Leaving the links here
https://www.reddit.com/r/sysadmin/comments/dx7yjl
 
Last edited:

Yagma

New Member
Joined
Feb 11, 2020
Messages
6 (0.03/day)
Did a few quick searches over Reddit and Microsoft's Github for their documentation and it seems that you need to comply with all the requirements listed in the MS document I posted before (including a TPM 2.0 module, which isn't something common), for starters, and even so, this feature is only available on Windows 10 Enterprise running on 8th gen Intel vPro systems and later and some ARM systems. Not AMD.

On top of that, it seems that it can get very picky even on devices that were certified for this.

Leaving the links here
https://www.reddit.com/r/sysadmin/comments/dx7yjl
Thank you windwhirl for your concise and insightful post, hopefully all of these features can be implemented with an appropriate bios update! We can hope and wait.
 
Joined
Feb 21, 2006
Messages
667 (0.13/day)
Location
Toronto, Ontario
System Name AMD Ryzen
Processor 3800X
Motherboard Asus Prime X570-Pro
Cooling Corsair H150i Pro
Memory 16GB Gskill Trident RGB DDR4-3200 14-14-14-34-1T
Video Card(s) GIGABYTE Radeon RX 580 GAMING 8GB
Storage Corsair MP600 1TB PCIe 4 / Samsung 860Evo 1TB x2 Raid 0
Display(s) HP ZR24w + LG 24MB35 on Neo-Flex® Dual Monitor Lift Stand
Case Fractal Design Meshify S2
Audio Device(s) Creative X-Fi + Logitech Z-5500
Power Supply Corsair AX850 Titanium
Mouse Corsair Dark Core RGB
Keyboard Logitech G810
Software Windows 10 Pro x64 1909
The recently released Asus 2407 bios for my board has this fix I believe.

This article covers gigabyte's bios update for this fix, Asus has already released theirs so update your TUF board.

 
Last edited:

Yagma

New Member
Joined
Feb 11, 2020
Messages
6 (0.03/day)
The recently released Asus 2407 bios for my board has this fix I believe.

This article covers gigabyte's bios update for this fix, Asus has already released theirs so update your TUF board.

I'm using it right now and it did patch an SMM vulnerability of sorts but it doesn't allow for Firmware Protection to be enabled in windows 10. Maybe the UEFI now includes its own protections that do the same or better.
 
Top