“Sinkclose” flaw in AMD processors released since 2006 allows persistent malware that evades detection even after an OS reinstall.

A significant security vulnerability known as “Sinkclose” affects virtually all AMD processors released since 2006. The flaw allows attackers to execute code within the System Management Mode (SMM) of AMD processors, a highly privileged area typically reserved for critical firmware operations.

To exploit this vulnerability, attackers must first gain access to a system’s kernel, which is not easy but possible. Once this access is secured, the Sinkclose vulnerability allows the installation of bootkit malware that evades detection by standard antivirus tools and persists even after the operating system is reinstalled.

Researchers Enrique Nissim and Krzysztof Okupski from IOActive are set to present their findings at the Defcon conference. AMD has started releasing mitigation options for its affected products.

Sources:

https://www.tomshardware.com/pc-components/cpus/sinclose-vulnerability-affects-hundreds-of-millions-of-amd-processors-enables-data-theft-amd-begins-patching-issue-in-critical-chip-lines-more-to-follow

https://it.slashdot.org/story/24/08/09/2054225/sinkclose-flaw-in-hundreds-of-millions-of-amd-chips-allows-deep-virtually-unfixable-infections