Security experts at IOActive have identified a critical vulnerability in AMD processors, dating back to at least 2006, that could allow deep infiltration of computer systems. Dubbed the “Sinkclose” flaw, this issue resides in the firmware of nearly all AMD chips and could let hackers execute code in the highly privileged System Management Mode (SMM), potentially compromising a system’s core security.
“Researchers warn that a bug in AMD’s chips would allow attackers to root into some of the most privileged portions of a computer…” New piece from @WIRED featuring research from IOActive Principal Security Consultants, Enrique Nissim & Krzysztof Okupski. https://t.co/UuvzC2qyGI
— IOActive, Inc (@IOActive) August 9, 2024
The vulnerability is particularly alarming because malicious code exploiting this flaw could remain undetected and persist even after a full OS reinstall. This raises concerns for large organizations and government entities, where such deep access could result in severe breaches. Although AMD has acknowledged the issue and released mitigation options for some products, the complexity required to exploit this flaw means it’s less likely to impact everyday users.
While AMD compares exploiting this flaw to overcoming multiple layers of bank security, IOActive warns that kernel exploits — which could facilitate such attacks — are already available in the wild. The company has refrained from releasing proof-of-concept code to give AMD time to develop patches, but stresses the urgency of addressing this foundational security threat.