Welcome Here  Shenzhen Mingjiada Electronics Co., Ltd.

Recently, a serious security vulnerability code-named SinkClose was revealed, affecting nearly all AMD processors since 2006 and posing a direct threat to millions of devices worldwide.

The SinkClose vulnerability was discovered and named by Enrique Nissim and Krzysztof Okupski, two security researchers at Security Experts.

According to the report, "Most systems are incorrectly configured, and this vulnerability is nearly impossible to fix in incorrectly configured computers." In a properly configured system, the vulnerability could lead to a malware infection (known as bootkit) that is nearly impossible to detect."

In addition, SinkClose (officially named) can attack multiple generations of EPYC, Ryzen, and Threadripper processors. It has a Common Vulnerability Scoring System (CVSS) score of 7.5, which means it is a serious vulnerability.

The core of SinkClose is that it enables attackers to run malicious code in the system management mode (SMM) of AMD processors. SMM is a highly privileged environment, often used to perform critical firmware operations, which means that once compromised by malware, it is not only difficult to detect, but even harder to remove.

The impact of the vulnerability is widespread and far-reaching. Attackers can exploit the SinkClose vulnerability to deploy BootKit-type malware, which is able to evade scanning by conventional antivirus software and survive even after reinstalling operating systems, posing a major challenge to system security in servers, data centers, and cloud environments.

In order to exploit the SinkClose vulnerability, an attacker would first need to gain kernel-level access to the target system, a process that is difficult but still feasible. Once this is achieved, an attacker can manipulate the processor, execute arbitrary code at the SMM level, and gain control of the entire system, although gaining such access is too cumbersome and too low value. But when it comes to servers, data centers, and the cloud, it's a different story. In a connected environment, an infection from a single device can spread to the entire network, and businesses face downtime, high costs to repair data breaches, and a decline in customer trust.

AMD has confirmed the existence of the SinkClose vulnerability and is working to provide patches for affected platforms. However, due to the large number of processor models, some devices may not be updated for the time being. Therefore, it is highly recommended that users regularly check and apply BIOS updates from the PC or motherboard manufacturer. For more information, visit www.hkmjd.com