Millions of Systems Running AMD Ryzen & EPYC CPUs Affected By “Sinkclose” Vulnerability, Mitigations Already Rolled Out
AMD’s EPYC & Ryzen chips are now exposed to a new vulnerability called “Sinkclose,” which could potentially affect millions of CPUs worldwide.
The Sinkclose Vulnerability “Attacks” A Critical Part of The AMD Ryzen & EPYC CPUs, Making Data Theft & Code Insertion Seamless For Intruders
Vulnerabilities surfacing in mainstream CPUs aren’t a big deal at all, given that individuals with malicious intent try every possible way to obtain a backdoor, whether through a bug in the computer code or some exposure that hackers can leverage to steal your data. However, the new Sinkclose vulnerability is said to have been present in AMD CPUs for more than a decade, and it looks set to be made public at the Defcon hacker conference by individuals from the security firm IOActive.
So, what is Sinkclose? Well, according to a report from WIRED, the vulnerability allows intruders to run their malicious code on AMD’s CPUs when they are in “System Management Mode,” which is a sensitive mode that contains crucial firmware files for operations.
However, to insert a piece of code, hackers must obtain “deep access to an AMD-based PC or server.” To achieve control over your systems, the intruders can use a type of malware called a bootkit, which is undetectable by antivirus software and compromises the security of your systems.
Imagine nation-state hackers or whoever wants to persist on your system. Even if you wipe your drive clean, it’s still going to be there. It’s going to be nearly undetectable and nearly unpatchable.
To mitigate the problem, users would need to physically open the computer and connect a hardware-based programming tool known as an SPI Flash programmer, which makes the fix a bit complex for a general consumer. Fortunately, AMD has acknowledged the existence of the vulnerability and has thanked the researchers for bringing Sinkclose to public attention.
In response, the firm has released a new security bulletin addressing the vulnerability, along with an extensive list of affected processors, which includes Ryzen 3000 and above processors and 1st Gen EPYC and above server CPUs. AMD is also offering firmware and microcode patches to mitigate the impact across various generations of CPUs. The entire Ryzen and EPYC families have mitigations available, with the only one left out being the older Ryzen 3000 Desktop family based on the Zen 2 core architecture.
So, it’s safe to say that AMD has identified the core issue. However, there’s still a lot to cover, especially when it comes to mitigating the vulnerability, most likely through a BIOS update. For an average consumer, there’s nothing to worry about for now, and we’ll update you once AMD releases a new BIOS update to cover all grounds.