This hasn't gotten the attention it deserves. What this specific trick is doing is exploiting a bug Alex found in a driver called the "AMD PCI Driver". But what that driver actually does is check the process name vs. a dozen or so magic hash values (all games -- folks on twitter recovered most of them) and if found sets or clears a few bits in some undocumented MSRs that seemingly have something to do with the instruction cache. There's some thought that these are working around hardware bugs that only rare software triggers.<p>Needless to say, if Intel had played this trick it would have been pinned to the top of the front page here for the last week.
<i>"Single line of"</i>, as usual, is a bit overstated in the headline. One line of PowerShell plus an installed suite of PowerShell tools from Google's Project Zero: <a href="https://github.com/googleprojectzero/sandbox-attacksurface-analysis-tools" rel="nofollow">https://github.com/googleprojectzero/sandbox-attacksurface-a...</a>.<p>Though the core problem he's talking about is certainly notable. A sanctioned, signed driver that exposes arbitrary kernel memory writes via ioctl() isn't great.
The title is a bit click-baity. Obviously this is a Windows-specific issue, and obviously it only happens when you install the AMD software.<p>So it's not a vulnerability in Ryzen. Good.