A hot potato: Graphics driver updates from GPU hardware manufacturers are generally greeted with a good deal of enthusiasm and skepticism. Some users are looking forward to the potential game and application support, functionality, or pure FPS that a new package can provide. Others hesitate to take the leap out of fear that the release will cause more problems than it solves. AMD’s latest security bulletins have now shown the importance of keeping their Radeon drivers updated to support security posture and graphics capabilities.
The latest batch of common vulnerabilities and exposures (CVEs) released by Team Red covers 27 driver-level security findings, including 18 high-severity vulnerabilities. Unintentional privilege escalation, DLL hijacking, and arbitrary code execution are among the problems caused by security holes. Malicious actors who exploit these exploits can cause impacts on users ranging from information compromise to complete data loss.
Fortunately for AMD Radeon users, many of these problems have been addressed from the latest several driver versions of the company. Starting from Radeon 7/20/1 and the Radeon 21.Q1 Enterprise driver packages, AMD has successfully mitigated most of these security concerns, including all 18 high-severity CVEs. These releases and their ability to address associated security issues are a great case for end users to review and consider driver updates based on more than just the efficient processing of data and images by their GPUs.
Recently discovered security vulnerabilities are not limited to AMD’s Radeon product line. The register emphasizes More than 70 vulnerabilities covering all generations of AMD’s EPYC processors and Intel’s Wi-Fi, SSDs and processors, including the Pentium, Celeron, Atom and Xeon product lines.
Security issues were discovered and reported by several researchers and organizations, including vulnerability expert Ori Nimron, developer of cybersecurity products CyberArk Laboratories, and many others. According to AMD bulletins, any AMD GPU user running Radeon Software version 21.4.1, Radeon Pro Software version 21.Q2 Enterprise driver or later, should be up to date and protected from reported exploits.