cancel
Showing results for 
Search instead for 
Did you mean: 

SinkClose CPU flaw requires new AGESA

mcury
Level 11

Hello, I would like to ask when the new BIOS is going to be released for the B550 series.

According to AMD, the new AGESA ComboAM4v2PI 1.2.0.cb will fix this vulnerability.

SinkClose tracked as CVE-2023-31315 and rated of high severity (CVSS score: 7.5)

 

More info at: https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7014.html 

 

Thanks.

20,868 Views
56 REPLIES 56

TastyDuck
Level 8

So there's been no BIOS updates from ASUS to fix this exploit, and previously they seemed unwilling to patch LogoFAIL. Instead, they recommended purchasing a newer AM5 motherboard since they'd already received patches 🙄

Gigabyte, MSI and ASRock have released BIOS updates for all their motherboards e.g. the MPG B550 GAMING PLUS, B550 AORUS ELITE & B550 Steel Legend. So if ASUS doesn't release updates by the end of the year then the Strix B550-F Gaming WiFi II will the last ASUS product that I purchase.

Oh, they recommended to buy a new AM5 board ?

Uauuu, while other vendors released the BIOS for their B450 series, for a 7.5 score vulnerability, Asus is recommending to buy a new motherboard ???

That really makes you think about vendors, post-sale support, warranties..

I'll wait one more month, because I think it is fair to wait that long, and that is all I can do before choosing another vendor next time.

To be clear, ASUS did eventually patch LogoFAIL for most of our motherboards. But the fact that they were even recommending people to purchase newer AM5 motherboards instead of saying "we're working on an update" seems discouraging.

The Strix B550-F Gaming WiFi II isn't even 3 years old, so I'd hope that ASUS continues to release updates for as long as AMD releases new AM4 CPUs and AGESA updates.

Vialli
Level 10

I will wait too, but if this isn't fixed by a new bios, next time I will choose a new supplier..

I have been using Asus for many years and always sworn by them, but now maybe a time for change..

I have built many systems over the years for customers and family, all Asus boards, maybe no longer..

Oh_No
Level 7

I trust that ASUS will take the time necessary to ensure a tested BIOS

I like Asus, don't get me wrong, it is always my first choice.

The thing is that we are speaking about a vulnerability, it is not a "feature", or an improvement.

 

To leave their customers vulnerable, and in addition to that, suggest to buy a new AM5 motherboard while other vendors provided the patch to even lower chipsets such as the B450, that my friend, could be the end of a very long lasting relationship.

I feel the exact same way. Security should always trump stability. Any apologists that think otherwise need their heads examined.

Silent_Scone
Super Moderator

Hello, 1.2.0.Cb has been superseded by 1.2.0.Cc, so the team are focusing on releasing this revision. ETA is expected to be around the end of Sept to early October depending on validation results and times.

 

13900KS / 8000 CAS36 / ROG APEX Z790 / ROG TUF RTX 4090

Another month? Just in time for the X870 release huh? Definitely the last Asus product for me. After the RMA ******show, now this. Someone bring back Abit to save us from this nightmare. 

This patch has nothing to do with X870 as the thread is regarding X570/B550 rollout. Validation can take time. There's talk even in this very thread of vendors having to pull a recent update. I don't think the "first" ethos is wise when it comes to vulnerability updates.

13900KS / 8000 CAS36 / ROG APEX Z790 / ROG TUF RTX 4090