The hidden vulnerabilities within your computer’s firmware—the intricate code that initializes upon startup and governs the operation of the operating system—have long captivated malicious hackers seeking silent entry points. However, it is quite rare for such vulnerabilities to not reside within a specific manufacturer’s firmware but rather in the chips prevalent in countless PCs and servers globally. Recent findings by security experts have uncovered an enduring flaw nestled in AMD processors, one that has persisted for years and permits malware to infiltrate deeply into a computer’s memory. In many scenarios, the damage could be so extensive that replacing the device could become more feasible than trying to sanitize it.
During their presentation at Defcon—an esteemed gathering for cybersecurity enthusiasts—researchers Enrique Nissim and Krzysztof Okupski from IOActive will unveil a significant vulnerability identified within AMD chips known as Sinkclose. This flaw empowers cybercriminals to execute unauthorized code in System Management Mode (SMM), an extremely privileged operational state intended solely for certain protected segments of its firmware. The team at IOActive indicates this vulnerability spans nearly all AMD processors manufactured since 2006 or potentially even before that time frame.
Read 13 remaining paragraphs | Comments
