Researchers uncover long-standing AMD chip vulnerability

Security researchers from IOActive have discovered a significant vulnerability in AMD processors that has existed for decades, dating back to at least 2006.

Dubbed the "Sinkclose" flaw, this issue could potentially allow hackers to execute their own code in the most privileged area of an AMD processor, known as System Management Mode. This mode is typically a highly protected part of the firmware, making the discovery particularly concerning.

The flaw is unlikely to affect regular users, as exploiting it requires deep access to the target computer. However, the vulnerability could pose a serious threat to corporations and government entities, where such access might be achievable. Once exploited, the malware could burrow so deeply into the system that it would be nearly impossible to detect or remove, even surviving a full operating system reinstallation.

AMD has acknowledged the flaw and has released mitigation options for its data center and Ryzen PC products, with further updates for embedded products expected soon.

The researchers have agreed not to publish any proof-of-concept code to give AMD time to address the issue but stress the urgency of resolving this vulnerability, as it compromises the entire security foundation of affected systems.