Researchers discover potentially catastrophic exploit present in AMD chips for decades

Security researchers have found a vulnerability in AMD processors that has persisted for decades, according to reporting by Wired. This is a fascinating security flaw because it was found in the firmware of the actual chips and potentially allows malware to deeply infect a computer’s memory.

The flaw was discovered by researchers from the security firm IOActive, who are calling the AMD-based vulnerability a “Sinkclose" flaw. This potentially allows hackers to run their own code in the most privileged mode of an AMD processor, System Management Mode. This is typically a protected portion of the firmware. The researchers have also noted that the flaw dates back to at least 2006 and that it impacts nearly every AMD chip.

"Researchers warn that a bug in AMD’s chips would allow attackers to root into some of the most privileged portions of a computer…" New piece from @WIRED featuring research from IOActive Principal Security Consultants, Enrique Nissim & Krzysztof Okupski. https://t.co/UuvzC2qyGI

— IOActive, Inc (@IOActive) August 9, 2024

That’s the bad news. Now onto some better news. Despite being potentially catastrophic, this issue is unlikely to impact regular people. That’s because in order to make full use of the flaw, hackers would already need deep access to an AMD-based PC or server. That’s a lot of work for a random home PC, phew, but could spell trouble for corporations or other large entities.

This is particularly worrisome for governments and the like. In theory, malicious code could burrow itself so deep within the firmware that it would be almost impossible to find. As a matter of fact, the researchers say that the code would likely survive a complete reinstallation of the operating system. The best option for infected computers would be a one-way ticket to the trash heap.

“Imagine nation-state hackers or whoever wants to persist on your system. Even if you wipe your drive clean, it's still going to be there,” says Krzysztof Okupski from IOActive. “It's going to be nearly undetectable and nearly unpatchable.”

Once successfully implemented, hackers would have full access to both surveil activity and tamper with the infected machine. AMD has acknowledged the issue and says that it has “released mitigation options” for data center products and Ryzen PC products “with mitigations for AMD embedded products coming soon.” The company has also published a full list of impacted chips.

AMD has also emphasized just how difficult it would be to take advantage of this exploit. It compares using the Sinkclose flaw to accessing a bank’s safe-deposit boxes after already bypassing alarms, guards, vault doors and other security measures. IOActive, however, says that kernel exploits — the equivalent of plans to get to those metaphorical safe-deposit boxes — exist readily in the wild. “People have kernel exploits right now for all these systems,” the organization told Wired. “They exist and they're available for attackers.”

IOActive has agreed to not publish any proof-of-concept code as AMD gets to work on patches. The researchers have warned that speed is of the essence, saying “if the foundation is broken, then the security for the whole system is broken.”

This article originally appeared on Engadget at https://www.engadget.com/cybersecurity/researchers-discover-potentially-catastrophic-exploit-present-in-amd-chips-for-decades-161541359.html?src=rss

HOT news

Related posts

Latest posts

Nothing’s first over-ear headphones wish to be a unusual $300 AirPods Max various

After quite a few waves of comparable (and not-so-similar) wi-fi buds, Nothing is debuting its first pair of over-ear headphones. The Headphone 1 combines...

BTC Bull Token’s Remaining 6 Days to Purchase Earlier than Launch – The Subsequent SHIB or FLOKI?

The clock is ticking for traders who wish to seize BTC Bull Token (BTCBULL) at its presale value earlier than it takes off.With greater...

Specialists Optimistic on Crypto Altcoin ETFs This 12 months: Will XRP, ADA, and SOL Profit?

The U.S. Securities and Trade Fee (SEC) is anticipated to rule on the Grayscale Digital Massive Cap Fund (GDLC) this week, and an professional...

Nothing Cellphone 3 hands-on: A tiny, playful dot-matrix display screen within the firm’s most costly telephone but

With the third technology of its smartphone sequence, Nothing made the bizarre transfer to launch the cheaper ‘a’ line first, unveiling the Cellphone 3a...

Arbitrum ($ARB) Defies Market Stoop: Can the Ethereum L2 Chief Hit $0.59 Subsequent?

The Arbitrum ($ARB) token is climbing once more, slowly rising to $0.327 after a 7% drop from its 24-hour excessive of $0.3887. With a...

Want to stay up to date with the latest news?

We would love to hear from you! Please fill in your details and we will stay in touch. It's that simple!