Periodically, we see the emergence of important vulnerabilities in processors. Intel is usually the one that presents the greatest number of these problems, since they are the most investigated because they are the most popular on the market.
The emergence of silicon-level vulnerabilities is explained by the fact that they were not investigated years ago. Normally, vulnerabilities were sought at the software level, not at the hardware level. Intel’s Spectre and Meltdown showed that they existed at the hardware level and this posed a serious risk to the user.
AMD will finally mitigate Sinkclose on Ryzen 3000
Sinkclose is a major vulnerability affecting all AMD processors since 2006. This security hole exploits a flaw in the system management mode (SMM). Thanks to this flaw, a malicious attacker can execute code inside the SMM.
SMM attacks are impossible to detect using an antivirus program. Furthermore, due to this vulnerability, malware installed at this point is very difficult to detect. It is also very difficult to remove and may even persist after a clean installation of the operating system.
You have to be calm, in principle, since the vulnerability It is extremely difficult to exploitA separate exploit that grants access to the system kernel is required before Sinkclose can be exploited. However, this is a very serious vulnerability and AMD has been working to fix it as quickly as possible.
The security hole affects any chip based on the Zen 1, Zen 2, Zen 3, and Zen 4 architectures. It makes no distinction between desktop, laptop, or server processors. The company stressed that it would patch the vulnerability for all outgoing Ryzen chips, no matter how old the architecture.
There was only one exception to this initial plan and that was the Ryzen 3000 processors codenamed Matisee. For an unknown reason, AMD did not include these processors in the support list for this vulnerability. Curiously, the Ryzen Threadripper 3000, Threadripper Pro 3000WX, EPYC Zen 2 (7002), Ryzen 3000 Mobile, and Ryzen 3000/4000 APUs were going to be patched.
Well, it would have been a mistake when publishing the list of chips that will receive the Sinkclose patch. The company has published a fix for these processors. It didn’t make much sense for all Zen 2-based chips to have mitigation, except for its desktop processors, which sold like hotcakes.
A security patch for Sinkclose is due to be released tomorrow. Please note that each manufacturer will then have to include this microcode in the BIOS of their motherboards. This can take between one and three months. It is possible that some motherboard manufacturers will limit the update to their most recent models.