AMD Fixes Ryzen Security Flaw with AGESA 1.2.0.3C Update
AMD has only recently released an updated version of their AGESA microcode, version 1.2.0.3C. So why care? Because it contains a fix for a significant security flaw which impacts your Ryzen CPU, specifically the newer 9000 series models.
What's All This Fuss About?
Turns out that researchers over at Google found a security bug related to how AMD's CPUs verify microcode signatures. Essentially, in very tight situations, the bug could result in potentially illegal, unsigned microcode being run on the CPU. Microcode, as you might recall, is the internal instruction set for the CPU – you really, really don't want anything being run there!
And before you worry, exploiting this very specific bug, EntrySign (officially AMD-SB-7033) as it turns out, isn't easy. It generally takes an attacker to already have deep access to your system, i.e., kernel-level access (that's equivalent to having the master key). For normal users, if somebody gets *that* level of access, you've likely got more critical things to worry about anyway. But for high-security setups or servers, such a flaw would be an issue because it could potentially get around some of the CPU's built-in security features.
MSI releases AGESA ComboAM5PI 1.2.0.3C BIOS for its AM5 800-series motherboards, to fix “AMD Microcode Signature Verification Vulnerability” (CVE-2024-36347) reported by researchers from Google. 🧐🧐🧐 pic.twitter.com/T8ky1mBRR5
— chi11eddog (@g01d3nm4ng0) April 25, 2025
It should be mentioned that although the revelation of this particular bug with Zen 5 chips (the Ryzen 9000 line) prompted this specific patch release for them, problems related to this signature validation process have been found and corrected on previous Zen architectures (Zen 1 through Zen 4) before as well. This specific patch is addressing the flaw as it applies to the new Zen 5 silicon.
Installing the Update: Motherboard Manufacturers Are Rolling It Out
So how do you get this patch? It is part of a BIOS update from your motherboard manufacturer. AMD provides the underlying AGESA code, and then companies such as MSI, ASUS, Gigabyte, ASRock, etc., package it into their specific motherboard BIOS versions. It takes them some time to test and roll out these updates for all of their different models.
Example of MSI Motherboard Support Page with BIOS Update
To the best of our knowledge, MSI is among the first to have BIOS updates using AGESA 1.2.0.3C for some of their 600 and 800 series AM5 motherboards available. Keep an eye on your motherboard manufacturer's support page for your model.
Do You Need to Update? Yes.
If you want to keep your system as secure as can be (and who doesn't?), installing this new BIOS patch by downloading it is a great idea. It's a security patch, straight up. And the best news? AMD says you won't notice any difference in performance compared to previous BIOS versions. All gain and no pain when it comes to speed.
It may take a bit of hunting and installing the BIOS update, but it's a standard procedure. Your motherboard manual or support website will explain how to do it. Just make sure you get the correct file for your exact motherboard model and follow the instructions carefully.
Briefly: check your motherboard's support page later today for a BIOS update containing AGESA 1.2.0.3C and install it when available to lock down your Ryzen system.
Reporting based on news from several tech news sites quoting AMD and motherboard makers.
