There is a serious security vulnerability that has existed for 18 years in AMD processors, but it is not too worrying
An attacker could exploit this vulnerability to infect the CPU with malware and penetrate deep into the operating system. However, the good news is that this vulnerability is not easy to exploit, and AMD processor owners do not need to worry too much at the present time.
IOActive security experts call this vulnerability 'Sinkclose'. It has existed in PCs, data centers, and embedded AMD processors (chips used in cars or industrial equipment) for as long as 2006. To keep AMD chips backward compatible, manufacturers chip export added a feature that can modify privileged CPU configuration. That's the vulnerability that security researchers have found and exploited.
By abusing Sinkclose, malicious actors can modify processor configurations that are highly protected and only accessible through System Management Mode (SMM). System management operates at a higher privilege level than the operating system. And so, any changes made in this mode are 'invisible' and inaccessible to the operating system.
Threat actors could theoretically use this elevated access to install malware that runs at startup, known as before the operating system. Therefore, common processing procedures such as reinstalling the operating system, clearing memory or using anti-virus software are completely ineffective in eliminating this vulnerability. Instead, you will have to physically link it to the processor using a special programming device to detect and remove malware.
Fortunately, it is very difficult to execute an attack targeting this vulnerability. To start, an attacker will need kernel-level access - the kernel - which is the core that has complete control over the entire operating system. Modern operating systems have protections against unauthorized kernel access, so an attacker would have to bypass multiple layers of perimeter security to do so. Therefore, although the mining process is in fact present, the threat that Sinkclose poses is minimal to the average user.
In response to IOActive, AMD published a list of vulnerable processors along with some mitigation tips. The company is also implementing security patches for the affected processors.
You should read it
- AMD CPUs also have security vulnerabilities that have existed for many years now!
- Apple releases iOS 14.4.2, iOS 12.5.2, and watchOS 7.3.3 updates that patch the critical zero-day vulnerability
- Critical Vulnerability Discovered in 3 WordPress Plugins, Affects 84,000 Websites
- Detected critical zero-day vulnerability on Adobe Reader
- Discovered a new zero-day vulnerability on macOS that allows attackers to run commands remotely
- Detecting zero-day vulnerability in the Dropbox 10 Windows app, users pay attention!
- Detecting a new Linux vulnerability allows hackers to gain control of the VPN connection
- Detecting an 8-year-old security flaw, affecting 150 HP printer models
- Network security guide before vulnerability 196
- New zero-day vulnerability warning in Windows Search, Windows protocol nightmare getting worse
- Microsoft urgently patched zero-day vulnerability after 2 years of refusing to acknowledge it
- Detected a serious BIOS vulnerability, affecting many Intel processors
Maybe you are interested
Structure, symbols and operating principles of transformers
Why does Windows operating system have such a bad reputation?
Mozilla considers extending Firefox support on older operating system versions until March 2025
Samsung will support 7 years of free software upgrades for AI TVs running the Tizen operating system
Microsoft once wanted to kill Windows and replace it with the Midori operating system
Should operating system patches be updated as soon as they are released?