AMD refused to fix the Sinkclose vulnerability in Ryzen 3000 and earlier – they are too old

Image Source: AMD/tomshardware.com

The vulnerability, dubbed Sinkclose, allows hackers to gain access to the SMM system management mode in computers running AMD processors and inject malware into the UEFI bootloader. It is almost impossible to detect and remove such software – this will require physically erasing the contents of the chip from the BIOS using a programmer. To complicate matters, the SMM layer allows unrestricted access to all system memory and can be used to monitor the operating system. Given the severity of the problem, AMD has released security updates for a number of processors.

However, the company notes that some older products are beyond the period of their software support – AMD does not intend to close the security hole in them. In particular, the company does not plan to update the Ryzen 1000, 2000 and 3000 series processors, as well as the Threadripper 1000 and 2000 models. The new Ryzen 9000 and Ryzen AI 300 processors are also missing from the list, but there is a possibility that for them the vulnerability was fixed at the factory .

Processors that have already received or are awaiting a security update include the following:

  • All generations of AMD EPYC processors for data centers;
  • Latest Threadripper and Ryzen models;

  • MI300A chips for data centers.

Full table of AMD chips for which the update will be released:

Image source: Tomshardware.com

Although the Sinkclose vulnerability is difficult to exploit, AMD recommends that all users install the update as soon as it becomes available. At the same time, the company assured that the update will not affect processor performance.

It is also noted that all Ryzen Embedded and EPYC Embedded, without exception, will receive the update. This is due to the fact that most embedded processors run in the background 24/7 without human intervention for several years, which further creates the threat of various types of hacker attacks.

admin

Share
Published by
admin

Recent Posts

Apple Sued Over Broken AI Promises Apple Intelligence

Apple is facing two more class action lawsuits over delays in the release of features…

1 hour ago

Insider Confirms When The Elder Scrolls IV: Oblivion Remake Will Be Released

Giant Bomb journalist Jeff Grubb has clarified the release dates for the much-rumored remake of…

1 hour ago

US authorities launch investigation into chip import chains, threatening new tariffs

The delay in introducing higher duties on semiconductor imports to the United States was, among…

1 hour ago

US authorities launch investigation into chip import chains, threatening new tariffs

The delay in introducing higher duties on semiconductor imports to the United States was, among…

2 hours ago

Scientists Create Stretchable Lithium Battery That’s Safe to Bend, Cut, and Puncture

A group of scientists from the University of California at Berkeley (UC Berkeley) has made…

2 hours ago

Apple to Analyze iPhone, iPad, and Mac User Chats to Improve Its AI

Apple plans to start analyzing data on users' devices to improve its artificial intelligence platform.…

2 hours ago