Hidden Vulnerability in AMD Chips Leaves Systems Open to Invisible Cyber Threats
Hidden Vulnerability in AMD Chips Leaves Systems Open to Invisible Cyber Threats
Security researchers at IOActive have discovered a critical flaw in almost two dozen AMD processor models. Attackers can exploit the vulnerability to infect a CPU with malware that loads before the operating system, but you probably don’t need to worry about it.
The security firm IOActive called the vulnerability “Sinkclose,” which has existed in PC, data center, and embedded (chips used in cars or industrial equipment) AMD processors since 2006. In order to keep AMD chips backwards compatible, the chipmaker added a feature that can modify privileged CPU configurations. It’s that CPU flaw which security researchers have managed to exploit.
By exploiting Sinkclose, malicious actors can modify processor configurations which are otherwise highly protected and only accessible to the System Management Mode (SMM). System Management Mode operates at a higher privilege level than the operating system. And because of that, any changes made to it are invisible and inaccessible to the OS.
In theory, threat actors could use this elevated access to install malware that runs on boot, before the operating system . Reinstalling the OS, wiping the storage, or antivirus software cannot get rid of it. You would have to physically link with the processor using a special programming device to detect and remove such malware.
Thankfully, t’s incredibly difficult to successfully execute this attack. For starters, the attackers will need kernel level access (kernel is an operating system’s core which has complete control over the entire OS). Modern operating systems have safeguards against unauthorized kernel access, so the attackers will have to bypass many layers of security to make it work. So while kernel exploits do exist, the threat Sinkclose poses is minimal for the average person.
In response to IOActive’s investigation, AMD has released a list of vulnerable processors , along with some mitigation tips. The company is also working on security patches for the affected processors.
Source: IOActive
Also read:
- [Updated] Direct Link Between Spotify and YouTube The Top Tools for Music Sharing for 2024
- $1,149 OFF! Shop the Newly Discounted M3 MacBook Air Laptop - 16GB Memory & 13-Inch Screen
- 網路上自由下載 WMV到 MP4 - 使用Movavi格式適配器
- Ace Gamers’ Deal: The Ultimate Combo of Power and Savings - MSI Bravo Laptop with RTX 4060 Under $1K!
- Apple Unveils a Time-Traveling Tech Marvel: Retrofitted 1994 PowerBook with Modern iPad Screen and Latest MacBook Pro Internals
- Explore Job Opportunities: Build the Future with Facebook's Metaverse
- Get the Asus 2024 ROG Zephyrus G14 with OLED Display and NVIDIA's RTX 4060 at a Discounted Price - Save $300 Now
- Get Your Hands on the High-End Dell G16 Gaming Laptop for Only $949 - Limited Time Offer
- In 2024, How to Transfer Data from Vivo V30 to Any iOS Devices | Dr.fone
- In 2024, Mastering User-Generated Content Music Posting on Instagram
- Revolutionize Your Tech Setup: New Framework's Latest Innovation with DeepComputing's StarFive SoC Board Features Advanced RISC-V Technology for Laptops.
- SD卡如何轻松地重新获取信息:包括4个不同方法
- Take On Any Challenge: Discover Gaming Excellence with the Affordable and Powerful Lenovo Legion Slim 5 ($899) - Packed With a Cutting-Edge RTX 4060 GPU!
- The Director's Cut Showcase for The Wasteland 2: An In-Depth Look at the Revamped RPG Experience
- Win10 Excel 桌面上移動鍵盤功能 - 如何恢復已删除的工作表
- Title: Hidden Vulnerability in AMD Chips Leaves Systems Open to Invisible Cyber Threats
- Author: Joseph
- Created at : 2024-10-13 11:40:12
- Updated at : 2024-10-19 01:56:15
- Link: https://hardware-help.techidaily.com/hidden-vulnerability-in-amd-chips-leaves-systems-open-to-invisible-cyber-threats/
- License: This work is licensed under CC BY-NC-SA 4.0.