– Security researchers have discovered a vulnerability in AMD processors that has been present for decades dating back to at least 2006.
– Called the “Sinkclose” flaw, it potentially allows hackers to run their own code in the most privileged mode of an AMD processor called System Management Mode (SMM), which is normally protected firmware.
– This would give attackers full control over the infected computer and ability to surveil activity and tamper with the machine. Code could survive even a complete OS reinstall.
– However, exploiting this flaw would require already having deep access to the targeted PC/server due to protections normally in place. Not a threat for most home users.
– Still concerning as it could allow persistent malware infections that are nearly impossible to detect and remove for governments, corporations and other large entities if exploited.
– AMD acknowledges the issue and is releasing mitigations, but researchers stress speed is important to patch as this impacts security foundation of affected systems.
Source: Engadget