AMD Says New Sinkclose CPU Vulnerability Only Affects ‘Seriously Breached Systems’

August 13, 2024 at 06:42AM IOActive disclosed Sinkclose, a new AMD processor vulnerability that has been around for 20 years, targeting SMM. Exploiting the flaw needs deep understanding of the architecture, but not physical access. AMD has published mitigations and firmware updates, prioritizing security despite it affecting seriously breached systems. The malware planted is stealthy … Read more

AMD Issues Updates for Silicon-Level ‘SinkClose’ Processor Flaw

August 12, 2024 at 04:42PM AMD has issued firmware updates to address a nearly two-decades-old silicon-level vulnerability in its EPYC data center processors and its Ryzen processors for PCs and embedded systems. The “SinkClose” flaw affects a component in the processor protecting System Management Mode, potentially allowing attackers to implant almost undetectable malware. AMD has … Read more

New AMD SinkClose flaw helps install nearly undetectable malware

August 9, 2024 at 01:02PM AMD has issued a warning about a high-severity CPU vulnerability, SinkClose, affecting multiple generations of EPYC, Ryzen, and Threadripper processors. This flaw allows attackers to gain Ring -2 privileges, enabling malware installation undetectable by typical security tools. The attack has gone undetected for almost 20 years and poses significant threats, … Read more