EVGA

Hot!‘Sinkclose’ Flaw in Hundreds of Millions of AMD Chips Allows,Virtually Unfixable Infection

Author
Cool GTX
EVGA Forum Moderator
  • Total Posts : 31240
  • Reward points : 0
  • Joined: 2010/12/12 14:22:25
  • Location: Folding for the Greater Good
  • Status: offline
  • Ribbons : 123
2024/08/10 13:35:38 (permalink)
 
‘Sinkclose’ Flaw in Hundreds of Millions of AMD Chips Allows Deep, Virtually Unfixable Infections

Researchers warn that a bug in AMD’s chips would allow attackers to root into some of the most privileged portions of a computer—and that it has persisted in the company’s processors for decades.


 (excerpt)
 
Security flaws in your computer's firmware, the deep-seated code that loads first when you turn the machine on and controls even how its operating system boots up, have long been a target for hackers looking for a stealthy foothold. But only rarely does that kind of vulnerability appear not in the firmware of any particular computer maker, but in the chips found across hundreds of millions of PCs and servers. Now security researchers have found one such flaw that has persisted in AMD processors for decades, and that would allow malware to burrow deep enough into a computer's memory that, in many cases, it may be easier to discard a machine than to disinfect it.At the Defcon hacker conference tomorrow, Enrique Nissim and Krzysztof Okupski, researchers from the security firm IOActive, plan to present a vulnerability in AMD chips they're calling Sinkclose.

The flaw would allow hackers to run their own code in one of the most privileged modes of an AMD processor, known as System Management Mode, designed to be reserved only for a specific, protected portion of its firmware. IOActive's researchers warn that it affects virtually all AMD chips dating back to 2006, or possibly even earlier.
(end excerpt)
 
 
 
'You basically have to throw your computer away': Researchers explain AMD 'Sinkclose' vulnerability, but do you need to worry? 

(excerpts)

The firmware vulnerability identified by Nissim and Okupski would allow hackers to run their own code in AMD's System Management Mode, which is intended to run the processor's firmware. This "Sinkclose" vulnerability would allow an attacker to infect the computer with a "bootkit" type of malware that targets the Master Boot Record. Bootkit malware can evade antivirus software and is potentially invisible to the operating system.

A hacker must have already gained access to a PC or server to exploit the System Management Mode controls, which is one reason AMD is downplaying the concern. In a background statement to Wired, AMD company compared the Sinkclose method to "accessing a bank's safe-deposit boxes after already bypassing its alarms, the guards, and vault door."  

However, the vulnerability would allow a hacker such deep control of a PC that it would be functionally impossible to salvage it, and the vulnerability affects nearly all AMD chips manufactured since 2006, if not earlier.

So while hackers would only likely attempt this on high-value targets, it should not be completely ignored. 

AMD has acknowledged IOActive's findings in a statement to Wired, noting that the company had released mitigation options for the "Sinkclose" flaw in EPYC server processors and Ryzen consumer processors and that the vulnerability has been patched out of the EPYC server CPUs earlier this year.  

AMD has released a list of all affected processors on its security page, including the Ryzen 3000 through 7000 series for laptop owners. 

(end excerpts) 

Looks like AMD just joined Intel in big security flaws Hall of Fame

Learn your way around the EVGA Forums, Rules & limits on new accounts Ultimate Self-Starter Thread For New Members

I am a Volunteer Moderator - not an EVGA employee

Older RIG projects RTX Project  Nibbler


 When someone does not use reason to reach their conclusion in the first place; you can't use reason to convince them otherwise!
#1

1 Reply Related Threads

    notfordman
    Omnipotent Enthusiast
    • Total Posts : 8760
    • Reward points : 0
    • Joined: 2007/08/09 23:52:23
    • Location: In a van, down by the
    • Status: offline
    • Ribbons : 28
    Re: ‘Sinkclose’ Flaw in Hundreds of Millions of AMD Chips Allows,Virtually Unfixable Infec 2024/08/12 09:52:18 (permalink)
    That doesn't sound good at all. 
    #2
    Jump to:
  • Back to Mobile