Crash a Ryzen system in single line of tweetable PowerShell

This hasn&#x27;t gotten the attention it deserves. What this specific trick is doing is exploiting a bug Alex found in a driver called the &quot;AMD PCI Driver&quot;. But what that driver actually does it check the process name vs. a dozen or so magic hash values (all games -- folks on twitter recovered most of them) and if found sets or clears a few bits in some undocumented MSRs that seemingly have something to do with the instruction cache. There&#x27;s some thought that these are working around hardware bugs that only rare software triggers.<p>Needless to say, if Intel had played this trick it would have been pinned to the top of the front page here for the last week.

<i>&quot;Single line of&quot;</i>, as usual, is a bit overstated in the headline. One line of PowerShell plus an installed suite of powershell tools from Google&#x27;s project Zero: <a href="https:&#x2F;&#x2F;github.com&#x2F;googleprojectzero&#x2F;sandbox-attacksurface-analysis-tools" rel="nofollow">https:&#x2F;&#x2F;github.com&#x2F;googleprojectzero&#x2F;sandbox-attacksurface-a...</a>.<p>Though the core problem he&#x27;s talking about is certainly notable. A sanctioned, signed, driver that exposes arbitrary kernel memory writes via ioctl() isn&#x27;t great.

The title is a bit click-baity. Obviously this is a Windows-specific issue, and obviously it only happens when you install the AMD software.<p>So it&#x27;s not a vulnerability in Ryzen. Good.

Lots of replies saying &#x27;unable to reproduce&#x27; for various different Ryzens, so I don&#x27;t think this is all it&#x27;s made out to be.

This is interesting and also makes me want to look at powershell a bit more.<p>Attitude seems unnecessary though

So if you run malicious code on your PC it can cause problems? Huh...