Sinkclose high-risk vulnerability exposed! AMD processors are almost completely wiped out?

【ITBEAR】According to news on August 11, at the recent Def Con conference, the security research community revealed a major security risk named "Sinkclose". This vulnerability is hidden in widely used AMD processors. According to ITBEAR, this vulnerability has existed quietly in many AMD product lines since 2006, covering data center CPUs, graphics processing solutions, embedded processors, desktops, HEDTs, workstations and mobile devices. The scope of influence is staggering. The "Sinkclose" vulnerability opens up a way for attackers to execute malicious code in System Management Mode (SMM). As a special operating state of the CPU, SMM is mainly responsible for performing advanced power management and functions unrelated to the operating system. Its concealment allows malware to run silently in this environment, thereby avoiding detection by traditional security software.

Although it is difficult to exploit this vulnerability, which requires the attacker to first obtain kernel-level access to the system, once successful, the attacker can obtain Ring-2 level permissions and deploy bootkit malware that is difficult to detect and difficult to remove. software. This type of malware is capable of manipulating the system's master boot record and may persist even if the operating system is completely reinstalled, posing a significant threat to the affected system.

Faced with this serious challenge, AMD has officially confirmed the vulnerability and assigned it the number CVE-2023-31315. To mitigate the potential impact of the "Sinkclose" vulnerability on CPUs of all generations, AMD has released a new version of firmware and microcode patches.

Thankfully, although this vulnerability has existed for a long time, due to its high degree of concealment and difficulty of exploitation, no actual case of hackers using this vulnerability to attack has been found.

The above is the detailed content of Sinkclose high-risk vulnerability exposed! AMD processors are almost completely wiped out?. For more information, please follow other related articles on the PHP Chinese website!