News + Trends

Sinkclose: Security vulnerability discovered in AMD processors

12.8.2024

Translation: machine translated

Two security researchers have discovered a serious security vulnerability in AMD processors. All models from the last ten years and probably even older are affected. AMD is already working on a solution.

Hundreds of millions of AMD CPUs are affected by the Sinkclose vulnerability, which enables malware infections. The vulnerability directly affects the process level of PCs and servers. It is therefore located before the following system levels. The vulnerability should make it possible to execute software in System Management Mode. This has special system rights. The malware can therefore hide from the operating system and other applications. A sinkhole attack requires access at kernel level.

The vulnerability was discovered by the two security researchers Enrique Nissim and Krzysztof Okupski back in October 2023. However, they wanted to give AMD time to work on a solution, as Wired reports. AMD appeases, however. Access at kernel level is very difficult and exploiting the vulnerability is almost impossible. Nevertheless, there have already been such attacks, as Bleeping Computer writes.

AMD is working on a firmware update as a solution, according to Security Bulletin. It is due to be released in October 2024. Many processors will receive the fix, but not all. For example, no update is planned for the Ryzen 3000 series.

Header image: Shutterstock / Alberto Garcia Guillen

31 people like this article