There is a significant security vulnerability known as “Sinkclose” that affects virtually all AMD processors released since 2006. This flaw allows attackers to execute code within the System Management Mode (SMM) of AMD processors, a highly privileged area typically reserved for critical firmware operations.
To exploit this vulnerability, attackers must first gain access to a system’s kernel, which is not easy but possible. Once this access is secured, the Sinkclose vulnerability allows the installation of bootkit malware that evades detection by standard antivirus tools and persists even after the operating system is reinstalled.
Researchers Enrique Nissim and Krzysztof Okupski from IOActive are set to present their findings at the Defcon conference. AMD has started releasing mitigation options for its affected products.
Sources:
BREAKING: Researchers at Defcon are about to reveal a flaw in 100+ million $AMD chips called "Sinkclose," which allows hackers install undetectable, unfixable malware 🤯t.co/6wfgXbOqrK
— Financelot (@FinanceLancelot) August 9, 2024