AMD Ryzen and EPYC processors are vulnerable to a new vulnerability called “Sinkclose“, which could affect millions upon millions of AMD processors worldwide.
2VIEW GALLERY – 2 PICTURES
In a new report from WIRED we learn that the new “Sinkclose” Vulnerability allows intruders to execute malicious code on AMD processors if they are in “System administration mode“, a sensitive mode that contains important firmware files used for operation.
However, hackers must insert a code that gives them:deep access to an AMD-based PC or server“. Once the hackers have this access, they can install a malware called a bootkit that goes undetected by antivirus software and is designed to protect your PC.
Enrique Nissim and Krzysztof Okupski, researchers at security firm IOActive, will present the new vulnerability in AMD processors, which they call Sinkclose. Okupski told WIRED: “Imagine government hackers or anyone else trying to gain access to your system. Even if you wipe your drive, it will still be there. It will be almost undetectable and almost unpatchable.“.
How would you remove the malware? Well, that’s difficult: you would have to open the PC and physically connect directly to a specific part of its memory chips using a hardware-based programming tool called “SPI Flash” programmers, with Okupski saying that one must carefully comb through the memory to remove the malware.
Nissim says the worst case scenario would be:You basically have to throw away your computer“.
AMD issued a statement to WIRED in which the company acknowledged that Sinkclose is difficult to exploit and that to exploit this vulnerability, hackers would need access to your computer’s kernel, the core of the operating system.
