“Sinkclose” flaw in AMD processors since 2006 allows persistent malware, evading detection even after OS reinstall.


There is a significant security vulnerability known as “Sinkclose” that affects virtually all AMD processors released since 2006. This flaw allows attackers to execute code within the System Management Mode (SMM) of AMD processors, a highly privileged area typically reserved for critical firmware operations.

To exploit this vulnerability, attackers must first gain access to a system’s kernel, which is not easy but possible. Once this access is secured, the Sinkclose vulnerability allows the installation of bootkit malware that evades detection by standard antivirus tools and persists even after the operating system is reinstalled.


Researchers Enrique Nissim and Krzysztof Okupski from IOActive are set to present their findings at the Defcon conference. AMD has started releasing mitigation options for its affected products.

Sources:

www.tomshardware.com/pc-components/cpus/sinclose-vulnerability-affects-hundreds-of-millions-of-amd-processors-enables-data-theft-amd-begins-patching-issue-in-critical-chip-lines-more-to-follow

it.slashdot.org/story/24/08/09/2054225/sinkclose-flaw-in-hundreds-of-millions-of-amd-chips-allows-deep-virtually-unfixable-infections
