Researchers discover potentially catastrophic exploit present in AMD chips for decades

Researchers uncover decades-old security flaw in AMD chips, calling it the 'Sinkclose' flaw, which could enable deep unauthorized access despite mitigations.

: A security flaw called the 'Sinkclose' flaw has been discovered in AMD processors, enduring since at least 2006, by IOActive researchers. This vulnerability allows unauthorized deep access to a computer's firmware, posing a risk to large entities despite AMD's mitigations. The flaw requires substantial access to exploit, making it less of a threat to regular users.

Security investigators from IOActive have unearthed a critical vulnerability, referred to as the 'Sinkclose' flaw, in AMD processors that has been dormant since at least 2006. This issue enables hackers to execute their code in the most privileged parts of an AMD processor's firmware, specifically the System Management Mode.

Although the flaw is potentially devastating, it is unlikely to affect regular users due to the extensive access required to exploit it. The most significant risks are posed to large organizations and governments, where such infiltrations can be deeply embedded and difficult to detect or remove.

AMD has acknowledged this flaw, providing mitigations for data center products and Ryzen PCs, with further solutions for embedded products forthcoming. Nonetheless, kernel exploits are common and available, highlighting the urgency for comprehensive security measures to protect the integral system foundation.