A dangerous vulnerability that has existed for 18 years threatens millions of AMD Ryzen and EPYC CPUs
Millions of computers running AMD Ryzen and EPYC CPUs worldwide are exposed to a dangerous vulnerability that allows attackers to run malicious code on the CPU when they are in System Management Mode, a sensitive mode that contains important firmware files.
The new vulnerability is called 'Sinkclose'. Hackers need to have deep access to computers or servers that operate on AMD processing systems to exploit this vulnerability. They can use bootkit malware - a type of malicious code that is difficult to detect and difficult to patch, to exploit vulnerabilities, thereby penetrating and controlling the system. Hackers will then install malware that is difficult to detect and can even persist even after reinstalling the operating system.
Although only recently reported, Sinkclose appears to have existed in many of AMD's CPU product lines, from desktops, workstations, servers to embedded devices and graphics solutions, for 18 years. pass without being detected.
AMD was notified about this vulnerability 10 months ago. The company has confirmed the existence of the Sinkclose vulnerability and has released patches for EPYC and Ryzen CPUs. The company also provides software and firmware patches to minimize the impact of the vulnerability.
To patch the vulnerability to ensure the safety of your system, AMD recommends that users update the latest BIOS.
You should read it
- AMD CPUs also have security vulnerabilities that have existed for many years now!
- There is a serious security vulnerability that has existed for 18 years in AMD processors, but it is not too worrying
- Apple releases iOS 14.4.2, iOS 12.5.2, and watchOS 7.3.3 updates that patch the critical zero-day vulnerability
- Critical Vulnerability Discovered in 3 WordPress Plugins, Affects 84,000 Websites
- Detected critical zero-day vulnerability on Adobe Reader
- Discovered a new zero-day vulnerability on macOS that allows attackers to run commands remotely
- Detecting zero-day vulnerability in the Dropbox 10 Windows app, users pay attention!
- Detecting a new Linux vulnerability allows hackers to gain control of the VPN connection
- Detecting an 8-year-old security flaw, affecting 150 HP printer models
- Network security guide before vulnerability 196
- New zero-day vulnerability warning in Windows Search, Windows protocol nightmare getting worse
- Microsoft urgently patched zero-day vulnerability after 2 years of refusing to acknowledge it
Maybe you are interested
How to check MacBook battery status Fruits and vegetables rich in antioxidants Cryptocurrency Insurance: This Domain Could Be a Big Industry in the Coming Futur Latest Shindo Life Roblox Code and how to enter Evaluate the Snapdragon 860 gaming performance on the POCO X3 Pro Why You Should Consider Hiring a Risk Management Agency