Millions of AMD CPUs found vulnerable to 18-year-old 'Sinkclose' deep-system flaw but it's pretty difficult to exploit
Still, just when you thought it was only Intel-based systems that might need a BIOS update.
Security researchers have discovered a vulnerability that affects almost all AMD CPUs, allowing access to some of the deepest parts of the chip. Named 'Sinkclose', the flaw allows attackers that already have kernel-level access to modify SMM (System Management Mode) settings even with existing protections enabled.
Attackers could use the flaw to install malware that would be virtually undetectable, and extremely difficult to remove. However, gaining kernel access in the first place is no easy task, and AMD has already begun releasing fixes for some of the affected chips (via Bleeping Computer).
The vulnerability was discovered by researchers Enrique Nissim and Krzysztof Okupski, two researchers from security services firm IOActive, who presented their findings at this year's Def Con security conference in Las Vegas over the weekend.
Exploiting the flaw would require attackers to first establish kernel access on a target machine via a different attack method. This level of system access is defined as a Ring 0 privilege and essentially opens up the heart of the system to further attack. If successful, an attacker could then enable Ring -2 privileges to install an undetectable bootkit that compromises the master boot record, meaning that even an OS reinstall would be unable to remove it.
System Management Mode (SMM) is one of the deepest operating modes of an x86 architecture chip and is intended to be used by the BIOS/UEFI for power management, system hardware control and some proprietary OEM-designed code. Once compromised, no antivirus or anti-malware program would be able to detect malicious code running this deep in the heart of the system. To detect it, a user would have to physically connect to the CPU to scan the memory for malware.
AMD has released an advisory notice detailing chips vulnerable to the attack, along with firmware fixes that are being provided to OEMs for BIOS updates to fix the flaw. However, Ryzen 3000, 2000 and 1000 series chips will not receive updates, as AMD told Tom's Hardware that "there are some older products that are outside our software support window."
Many of AMD's most recent processors have already received updates to remove the vulnerability. It's worth noting that while Kernel-level system access is very difficult to achieve for a would-be-attacker, it's not impossible—so if you own an AMD CPU and haven't updated the BIOS in a while, it'd be worth checking with your motherboard manufacturer to make sure you're completely up-to-date.
The biggest gaming news, reviews and hardware deals
Keep up to date with the most important stories and the best deals, as picked by the PC Gamer team.
Still, it's data center systems and machines holding very sensitive information that would likely be the targets here, so home users shouldn't be too concerned.
AMD's latest Zen 5 9000 series processors like the Ryzen 5 9600X and Ryzen 7 9700X are not included on the list, presumably as they're using the latest BIOS revisions with the fix already applied. While this flaw might be difficult to leverage, it's still a pretty nasty way for a system to fall prone to malicious actors, so the usual advice applies—keep your BIOS up-to-date, and your antivirus in tip-top condition to prevent attacks in the first place.
Best gaming PC: The top pre-built machines.
Best gaming laptop: Great devices for mobile gaming.
Andy built his first gaming PC at the tender age of 12, when IDE cables were a thing and high resolution wasn't. After spending over 15 years in the production industry overseeing a variety of live and recorded projects, he started writing his own PC hardware blog in the hope that people might send him things. And they did! Now working as a hardware writer for PC Gamer, Andy's been jumping around the world attending product launches and trade shows, all the while reviewing every bit of PC hardware he can get his hands on. You name it, if it's interesting hardware he'll write words about it, with opinions and everything.