AMD’s Update Tool Downloads Malware For You — And They Said “Not Our Problem”
Imagine your front door has a lock that accepts ANY key. That’s what AMD shipped on your computer — and when someone told them, they shrugged.

What’s Going On In 10 Seconds
AMD has a program that auto-updates your drivers. A security researcher just proved that anyone on your Wi-Fi can use it to install whatever they want on your PC. He told AMD. They closed his report the same day and said they won’t fix it.
You probably have this installed right now and don’t even know it.
Why You Should Be Mad
- Your PC trusts strangers. AMD’s updater downloads files the same way you’d send a postcard — anyone passing it along can read it, swap it, or replace it entirely. No envelope. No seal. Nothing.
- AMD knew and said “not our problem.” The researcher reported it on Feb 5, 2026. AMD closed the ticket the same day. Not “we’ll look into it.” Not “give us time.” Just… no.
- You didn’t choose this. This updater sneaks onto your system when you install AMD drivers. It runs in the background. You never asked for it.
OK But How Does This Actually Work? (Simple Version)
Think of it like ordering food delivery:
- Your AMD updater calls the restaurant (AMD’s server) and says “hey, got anything new for me?”
- The call is NOT private. It’s like shouting your order across a crowded room instead of whispering it. Anyone nearby can hear it. (Tech people call this “HTTP” instead of “HTTPS” — the S stands for Secure, and AMD skipped it.)
- Someone in the room swaps your order. A hacker on the same Wi-Fi intercepts the response and says “yeah here’s your update!” — but it’s actually malware.
- Your PC eats it without checking. A normal updater would check the package — is this actually from AMD? Does the seal match? AMD’s updater does zero checking. It just runs whatever it receives.
Result: The hacker’s code is now running on your machine. They could see your files, record your keystrokes, use your PC to mine crypto — anything.
Where this can happen:
- Coffee shop Wi-Fi
- University/school networks
- Hotel Wi-Fi
- Your home network (if someone’s already on it)
- Theoretically, even your internet provider could do this
The Full Timeline (For the Curious)
| Date | What Happened |
|---|---|
| Jan 27, 2026 | Security researcher MrBruh discovers the flaw while poking around on a new gaming PC |
| Feb 5, 2026 | MrBruh reports it to AMD through proper channels |
| Feb 5, 2026 | AMD closes the report. Same day. Labels it “out of scope / won’t fix.” |
| Feb 6, 2026 | MrBruh publishes everything publicly since AMD won’t act |
No patch. No fix date. No CVE (the official tracking number security flaws get). Nothing. AMD just… walked away.
Do This Right Now
Step 1: Check If You Have It
Windows:
- Press Ctrl + Shift + Esc (opens Task Manager)
- Click the Startup tab
- Look for anything with “AMD” and “Update” or “AutoUpdate” in the name
- Also check: click Start, type “Add or remove programs”, search for “AMD” in the list
If you see it → keep reading. If not → you’re probably fine, but the VPN tip in Step 4 is still worth doing.
Step 2: Kill It
Option A — Disable it (easiest):
- In Task Manager → Startup tab → right-click the AMD AutoUpdate entry → Disable
- This stops it from running when your PC boots up
Option B — Remove it (cleanest):
- Go to “Add or remove programs” → find AMD AutoUpdate → Uninstall
- Your AMD graphics card will still work perfectly fine without it
Option C — Block it with your firewall (most thorough):
- Open Windows Defender Firewall → Advanced Settings → Outbound Rules → New Rule
- Block the AMD AutoUpdate executable from making any internet connections
- This way even if it somehow runs, it can’t phone home
Your drivers still work without this tool. It only handles automatic updates. You can always update manually.
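Steps 1 and 2 can also be done from an elevated PowerShell window. The script below is an added example, not part of the original write-up and not AMD's tooling. It lists startup entries and scheduled tasks whose names match the article's "AMD" plus "Update" description, and only creates outbound block rules once `$Apply` is set to `$true`. The name pattern and rule names are assumptions; the executable paths are discovered on your machine, not hard-coded.

```powershell
# Added example. Run elevated. Review the listed paths before setting $Apply = $true.
$Apply       = $false                      # $true = create the outbound block rules
$namePattern = 'AMD.*Update|Update.*AMD'   # assumption: mirrors "AMD" + "Update"/"AutoUpdate"

# Step 1: collect command lines from startup entries and scheduled tasks.
$commands  = @()
$commands += Get-CimInstance Win32_StartupCommand |
    Where-Object { $_.Name -match $namePattern -or $_.Command -match $namePattern } |
    ForEach-Object { $_.Command }
$commands += Get-ScheduledTask |
    Where-Object { $_.TaskName -match $namePattern } |
    ForEach-Object { $_.Actions.Execute }

# Reduce each command line to the executable path (drop quotes and arguments).
$exes = $commands | Where-Object { $_ } | ForEach-Object {
    $expanded = [Environment]::ExpandEnvironmentVariables($_)
    if ($expanded -match '^\s*"?([^"]+?\.exe)') { $Matches[1] }
} | Where-Object { Test-Path -LiteralPath $_ } | Sort-Object -Unique

if (-not $exes) { Write-Host 'No matching AMD update executables found.'; return }
Write-Host 'Matching executables:'
$exes | ForEach-Object { Write-Host "  $_" }

# Step 2, Option C: block outbound connections for each executable found.
if ($Apply) {
    foreach ($exe in $exes) {
        $ruleName = "Block outbound - $(Split-Path $exe -Leaf)"   # hypothetical rule name
        if (-not (Get-NetFirewallRule -DisplayName $ruleName -ErrorAction SilentlyContinue)) {
            New-NetFirewallRule -DisplayName $ruleName -Direction Outbound `
                -Program $exe -Action Block | Out-Null
            Write-Host "Created rule: $ruleName"
        }
    }
}
```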
Step 3: Update Drivers the Safe Way
Instead of letting the broken auto-updater do it:
- Go to amd.com/en/support directly (this site uses HTTPS — the secure version)
- Select your product
- Download the driver
- Install it yourself
Takes 3 minutes. Zero chance of someone swapping malware into the download.
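Before running the installer you downloaded, you can apply the two checks the auto-updater skips: who signed the file, and whether it came over HTTPS from the expected site. This is an added example, not from the original article. The expected signer string and domain are assumptions to confirm against a known-good AMD installer, and the download URL is only available if your browser recorded it.

```powershell
# Added example: inspect a manually downloaded driver installer before running it.
function Test-DriverInstaller {
    param(
        [Parameter(Mandatory)][string]$Path,
        # Assumption: publisher text expected in the signing certificate subject.
        [string]$ExpectedSigner = 'Advanced Micro Devices',
        # Assumption: downloads should come from this domain or a subdomain of it.
        [string]$ExpectedDomain = 'amd.com'
    )

    # Check 1: Authenticode signature is valid and names the expected publisher.
    $sig      = Get-AuthenticodeSignature -LiteralPath $Path
    $signedOk = ($sig.Status -eq 'Valid') -and
                ($sig.SignerCertificate.Subject -like "*$ExpectedSigner*")

    # Check 2: browsers store the download URL in the Zone.Identifier stream (may be absent).
    $hostUrl = $null
    $zone = Get-Content -LiteralPath $Path -Stream Zone.Identifier -ErrorAction SilentlyContinue
    $line = $zone | Where-Object { $_ -like 'HostUrl=*' } | Select-Object -First 1
    if ($line) { $hostUrl = $line.Substring(8) }   # strip the "HostUrl=" prefix

    $originOk = $false
    if ($hostUrl) {
        $uri = [uri]$hostUrl
        $originOk = ($uri.Scheme -eq 'https') -and
                    ($uri.Host -eq $ExpectedDomain -or $uri.Host.EndsWith(".$ExpectedDomain"))
    }

    [pscustomobject]@{
        File                    = $Path
        SignatureStatus         = $sig.Status
        Signer                  = $sig.SignerCertificate.Subject
        SignedByExpected        = $signedOk
        DownloadUrl             = $hostUrl
        HttpsFromExpectedDomain = $originOk
        Sha256                  = (Get-FileHash -LiteralPath $Path -Algorithm SHA256).Hash
    }
}

# Usage (the file name is a placeholder):
# Test-DriverInstaller -Path "$env:USERPROFILE\Downloads\<installer-name>.exe"
```

Treat `SignedByExpected = False` as a reason not to run the file; a missing `DownloadUrl` only means the browser did not record the origin.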
Step 4: Protect Yourself on Public Wi-Fi (Do This Anyway)
This AMD flaw works because someone on your network can intercept traffic. A VPN encrypts your traffic between your computer and the VPN server, so someone on the same Wi-Fi can’t read or swap it.
- Free options: ProtonVPN (free tier), Cloudflare WARP
- Paid options: Mullvad, ProtonVPN paid tier
- Set it to auto-connect whenever you join a Wi-Fi network
This doesn’t just protect you from the AMD bug — it protects you from hundreds of similar tricks on public networks.
The Bigger Picture Nobody’s Talking About
This Isn't Just AMD
Here’s the dirty secret: tons of software updaters work exactly like this. Your keyboard software, your mouse software, your monitor utility, your RGB lighting app — many of them phone home over insecure connections and run whatever they get back.
AMD just got caught because someone actually looked.
What you can do about it:
- Audit your startup programs (Task Manager → Startup). Anything you don’t recognize? Disable it.
- Uninstall utilities you don’t use. That “Corsair iCUE” or “Razer Synapse” you installed once and forgot about? It’s probably running in the background right now.
- Fewer background programs = fewer attack surfaces = safer PC.
Why Companies Keep Getting Away With This
AMD classified this as “out of scope.” That’s corporate for “we don’t consider this a real bug.” Here’s why that’s wild:
- Their own software downloads executables without encryption
- Their own software runs those executables without checking who made them
- And they say that’s… fine?
This happens because there’s no law forcing companies to fix security flaws in most countries. No fine. No penalty. The researcher did everything right — found the bug, reported it privately, gave them time. AMD said no. So he went public.
The only thing that forces a fix is bad press. So share this post.

The 30-Second Version
AMD’s driver updater downloads files like you’d send a postcard — anyone can read and swap them. It then runs whatever it gets without checking. A researcher told AMD. They said “not our problem” the same day. Open Task Manager, disable AMD AutoUpdate, update your drivers manually from amd.com. Done. You’re safe.