A recently discovered major security flaw called ‘Sinkclose’ affects virtually all AMD processors released since 2006. The vulnerability allows threat actors to infiltrate a system deeply, making the malicious software difficult to identify and eliminate. According to experts, the problem is serious: in some cases, it would be easier to just dump the system than to fix it.
About Sinkclose Bug
There is a good side to it, though: since the flaw went undiscovered for 18 years, chances are it hasn’t been exploited. Additionally, AMD is patching its platforms to protect the affected processors, although not all have received a patch yet. See this list for full details.
Sinkclose is known for evading antivirus software and persisting even after the OS is reinstalled. The bug allows threat actors to execute code within System Management Mode (SMM) on AMD processors, a privileged region reserved for critical firmware operations. To exploit the flaw, threat actors must first gain access to the system’s kernel, a difficult but doable task. In other words, the system must already have been targeted by some other attack.
Persistent Threat
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents