There is a serious security vulnerability that has existed for 18 years in AMD processors, but it is not too worrying
Security researchers at IOActive have discovered a serious vulnerability that exists in nearly two dozen AMD-branded CPU models.
An attacker could exploit this vulnerability to infect the CPU with malware and penetrate deep into the operating system. However, the good news is that this vulnerability is not easy to exploit, and AMD processor owners do not need to worry too much at the present time.
IOActive security experts call this vulnerability 'Sinkclose'. It has existed in PCs, data centers, and embedded AMD processors (chips used in cars or industrial equipment) for as long as 2006. To keep AMD chips backward compatible, manufacturers chip export added a feature that can modify privileged CPU configuration. That's the vulnerability that security researchers have found and exploited.
By abusing Sinkclose, malicious actors can modify processor configurations that are highly protected and only accessible through System Management Mode (SMM). System management operates at a higher privilege level than the operating system. And so, any changes made in this mode are 'invisible' and inaccessible to the operating system.
Threat actors could theoretically use this elevated access to install malware that runs at startup, known as before the operating system. Therefore, common processing procedures such as reinstalling the operating system, clearing memory or using anti-virus software are completely ineffective in eliminating this vulnerability. Instead, you will have to physically link it to the processor using a special programming device to detect and remove malware.
Fortunately, it is very difficult to execute an attack targeting this vulnerability. To start, an attacker will need kernel-level access - the kernel - which is the core that has complete control over the entire operating system. Modern operating systems have protections against unauthorized kernel access, so an attacker would have to bypass multiple layers of perimeter security to do so. Therefore, although the mining process is in fact present, the threat that Sinkclose poses is minimal to the average user.
In response to IOActive, AMD published a list of vulnerable processors along with some mitigation tips. The company is also implementing security patches for the affected processors.
You should read it
- AMD CPUs also have security vulnerabilities that have existed for many years now!
- Apple releases iOS 14.4.2, iOS 12.5.2, and watchOS 7.3.3 updates that patch the critical zero-day vulnerability
- Critical Vulnerability Discovered in 3 WordPress Plugins, Affects 84,000 Websites
- Detected critical zero-day vulnerability on Adobe Reader
- Discovered a new zero-day vulnerability on macOS that allows attackers to run commands remotely
- Detecting zero-day vulnerability in the Dropbox 10 Windows app, users pay attention!
- Detecting a new Linux vulnerability allows hackers to gain control of the VPN connection
- Detecting an 8-year-old security flaw, affecting 150 HP printer models
- Network security guide before vulnerability 196
- New zero-day vulnerability warning in Windows Search, Windows protocol nightmare getting worse
- Microsoft urgently patched zero-day vulnerability after 2 years of refusing to acknowledge it
- Detected a serious BIOS vulnerability, affecting many Intel processors
Maybe you are interested
New Intel microcode '0x129' tested on Linux, did not show a major impact on performance Learn about Hamster AI: The best free all-in-one AI tool Why does opening MOV file have no image? How to fix? How to print Excel on 1 A4 page - Display full content on 1 page How to install HEVC and HEIF codecs on Windows 11 More than 60% of passwords are cracked by AI in less than 60 seconds