‘Sinkclose’ Flaw in Hundreds of Millions of AMD Chips Allows,Virtually Unfixable Infection

Join us now!

Username
Password
Verification
	Stay logged in

Forgot Your Password? Forgot your Username? Haven't received registration validation E-mail?

Welcome, ! User Control Panel Log out

Forums
Posts

Latest Posts

Active Posts

Recently Visited

Search Results

View More
Blog

Recent Blog Posts

View More
Photos

Recent Photos

My Favorites

View More Photo Galleries
PMs

Unread PMs

Inbox

Send New PM View More
Page Extras
Menu
- Forum Themes

Mark Thread UnreadFlat Reading Mode ❐

‘Sinkclose’ Flaw in Hundreds of Millions of AMD Chips Allows,Virtually Unfixable Infection

Author Post Essentials Only Full Version
Cool GTX EVGA Forum Moderator Total Posts : 30693 Reward points : 0 Joined: 2010/12/12 14:22:25 Location: Folding for the Greater Good Status: offline Ribbons : 123 2024/08/10 13:35:38 (permalink) ‘Sinkclose’ Flaw in Hundreds of Millions of AMD Chips Allows Deep, Virtually Unfixable Infections Researchers warn that a bug in AMD’s chips would allow attackers to root into some of the most privileged portions of a computer—and that it has persisted in the company’s processors for decades. (excerpt) Security flaws in your computer's firmware, the deep-seated code that loads first when you turn the machine on and controls even how its operating system boots up, have long been a target for hackers looking for a stealthy foothold. But only rarely does that kind of vulnerability appear not in the firmware of any particular computer maker, but in the chips found across hundreds of millions of PCs and servers. Now security researchers have found one such flaw that has persisted in AMD processors for decades, and that would allow malware to burrow deep enough into a computer's memory that, in many cases, it may be easier to discard a machine than to disinfect it.At the Defcon hacker conference tomorrow, Enrique Nissim and Krzysztof Okupski, researchers from the security firm IOActive, plan to present a vulnerability in AMD chips they're calling Sinkclose. The flaw would allow hackers to run their own code in one of the most privileged modes of an AMD processor, known as System Management Mode, designed to be reserved only for a specific, protected portion of its firmware. IOActive's researchers warn that it affects virtually all AMD chips dating back to 2006, or possibly even earlier. (end excerpt) 'You basically have to throw your computer away': Researchers explain AMD 'Sinkclose' vulnerability, but do you need to worry? (excerpts) The firmware vulnerability identified by Nissim and Okupski would allow hackers to run their own code in AMD's System Management Mode, which is intended to run the processor's firmware. This "Sinkclose" vulnerability would allow an attacker to infect the computer with a "bootkit" type of malware that targets the Master Boot Record. Bootkit malware can evade antivirus software and is potentially invisible to the operating system. A hacker must have already gained access to a PC or server to exploit the System Management Mode controls, which is one reason AMD is downplaying the concern. In a background statement to Wired, AMD company compared the Sinkclose method to "accessing a bank's safe-deposit boxes after already bypassing its alarms, the guards, and vault door." However, the vulnerability would allow a hacker such deep control of a PC that it would be functionally impossible to salvage it, and the vulnerability affects nearly all AMD chips manufactured since 2006, if not earlier. So while hackers would only likely attempt this on high-value targets, it should not be completely ignored. AMD has acknowledged IOActive's findings in a statement to Wired, noting that the company had released mitigation options for the "Sinkclose" flaw in EPYC server processors and Ryzen consumer processors and that the vulnerability has been patched out of the EPYC server CPUs earlier this year. AMD has released a list of all affected processors on its security page, including the Ryzen 3000 through 7000 series for laptop owners. (end excerpts) Looks like AMD just joined Intel in big security flaws Hall of Fame Learn your way around the EVGA Forums, Rules & limits on new accounts Ultimate Self-Starter Thread For New Members I am a Volunteer Moderator - not an EVGA employee **Older RIG projects RTX Project Nibbler** #1 1 Reply Related Threads
notfordman Omnipotent Enthusiast Total Posts : 8744 Reward points : 0 Joined: 2007/08/09 23:52:23 Location: In a van, down by the Status: offline Ribbons : 28 Re: ‘Sinkclose’ Flaw in Hundreds of Millions of AMD Chips Allows,Virtually Unfixable Infec 2024/08/12 09:52:18 (permalink) That doesn't sound good at all. Heatware : http://www.heatware.com/eval.php?id=68330 #2

Author

Post

Essentials Only Full Version

Cool GTX

EVGA Forum Moderator

Total Posts : 30693
Reward points : 0
Joined: 2010/12/12 14:22:25
Location: Folding for the Greater Good
Status: offline
Ribbons : 123

2024/08/10 13:35:38 (permalink)

‘Sinkclose’ Flaw in Hundreds of Millions of AMD Chips Allows Deep, Virtually Unfixable Infections

Researchers warn that a bug in AMD’s chips would allow attackers to root into some of the most privileged portions of a computer—and that it has persisted in the company’s processors for decades.

(excerpt)

Security flaws in your computer's firmware, the deep-seated code that loads first when you turn the machine on and controls even how its operating system boots up, have long been a target for hackers looking for a stealthy foothold. But only rarely does that kind of vulnerability appear not in the firmware of any particular computer maker, but in the chips found across hundreds of millions of PCs and servers. Now security researchers have found one such flaw that has persisted in AMD processors for decades, and that would allow malware to burrow deep enough into a computer's memory that, in many cases, it may be easier to discard a machine than to disinfect it.At the Defcon hacker conference tomorrow, Enrique Nissim and Krzysztof Okupski, researchers from the security firm IOActive, plan to present a vulnerability in AMD chips they're calling Sinkclose.

The flaw would allow hackers to run their own code in one of the most privileged modes of an AMD processor, known as System Management Mode, designed to be reserved only for a specific, protected portion of its firmware. IOActive's researchers warn that it affects virtually all AMD chips dating back to 2006, or possibly even earlier.
(end excerpt)

'You basically have to throw your computer away': Researchers explain AMD 'Sinkclose' vulnerability, but do you need to worry?

(excerpts)

The firmware vulnerability identified by Nissim and Okupski would allow hackers to run their own code in AMD's System Management Mode, which is intended to run the processor's firmware. This "Sinkclose" vulnerability would allow an attacker to infect the computer with a "bootkit" type of malware that targets the Master Boot Record. Bootkit malware can evade antivirus software and is potentially invisible to the operating system.

A hacker must have already gained access to a PC or server to exploit the System Management Mode controls, which is one reason AMD is downplaying the concern. In a background statement to Wired, AMD company compared the Sinkclose method to "accessing a bank's safe-deposit boxes after already bypassing its alarms, the guards, and vault door."

However, the vulnerability would allow a hacker such deep control of a PC that it would be functionally impossible to salvage it, and the vulnerability affects nearly all AMD chips manufactured since 2006, if not earlier.

So while hackers would only likely attempt this on high-value targets, it should not be completely ignored.

AMD has acknowledged IOActive's findings in a statement to Wired, noting that the company had released mitigation options for the "Sinkclose" flaw in EPYC server processors and Ryzen consumer processors and that the vulnerability has been patched out of the EPYC server CPUs earlier this year.

AMD has released a list of all affected processors on its security page, including the Ryzen 3000 through 7000 series for laptop owners.

(end excerpts)

Looks like AMD just joined Intel in big security flaws Hall of Fame

Learn your way around the EVGA Forums, Rules & limits on new accounts Ultimate Self-Starter Thread For New Members

I am a Volunteer Moderator - not an EVGA employee

Older RIG projects RTX Project Nibbler

1 Reply Related Threads

notfordman

Omnipotent Enthusiast

Total Posts : 8744
Reward points : 0
Joined: 2007/08/09 23:52:23
Location: In a van, down by the
Status: offline
Ribbons : 28

Re: ‘Sinkclose’ Flaw in Hundreds of Millions of AMD Chips Allows,Virtually Unfixable Infec 2024/08/12 09:52:18 (permalink)

That doesn't sound good at all.

Heatware : http://www.heatware.com/eval.php?id=68330

Jump to: