1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Some of the most iconic AMD chips have a serious security flaw w

    From TechnologyDaily@1337:1/100 to All on Mon Aug 12 11:00:06 2024
    Some of the most iconic AMD chips have a serious security flaw which the company says it probably won't patch now

    Date:
    Mon, 12 Aug 2024 10:46:22 +0000

    Description:
    A major flaw laid undetected for almost two decades, allowing threat actors
    to deploy malware, undetected.

    FULL STORY ======================================================================

    Several chips built by AMD over the past 18 years are vulnerable to
    Sinkclose, a critical severity flaw which could allow malicious actors to break into the target system, basically unseen.

    While the chipmaker has already released a fix for some of the newer models, older ones - including some of the most iconic products - will not be receiving any treatment.

    This is because they have reached end of life and as such are not eligible
    for any support, despite being super popular with the consumers. Ryzen 9000 not listed

    "There are some older products that are outside our software support window, AMD told Toms Hardware in a statement, meaning products in the Ryzen 1000, 2000, and 3000 series, as well as the Threadripper 1000 and 2000 models, are being left behind.

    On the other end, all generations of AMD's EPYC processors for the data center, the latest Threadripper, and Ryzen processors, as well as the MI300A data center chips, have all been patched.

    AMD added it does not expect the patches to affect the chips performance, which means the company still doesnt know for certain, what the effects of
    the fix will be - with the full list of supported chips found on this link .

    Its also worth mentioning that the latest Ryzen 9000 and Ryzen AI 300 series processors arent included on the list, which could mean that these werent vulnerable in the first place.

    The Sinkclose vulnerability allows threat actors to run malicious code inside the System Management Mode (SMM) of AMD processors, which is a high-privilege area reserved for critical firmware operations. To be able to exploit the vulnerability, an attacker would first need to compromise the endpoint separately.

    Fortunately, there is currently no evidence that any malicious actors discovered, or used, this flaw in the past.

    Via Tom's Hardware More from TechRadar Pro Some AMD Zen 2 CPUs finally get defenses against Zenbleed security flaw and its about time Here's a list of the best firewalls today These are the best endpoint protection tools right now



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/some-of-the-most-iconic-amd-chips-have- a-serious-security-flaw-which-the-company-says-it-probably-wont-patch-now


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)