From PC World: It seems like every month or so we hear about a new security flaw affecting tons of consumer-grade CPUs. Perhaps that shouldn’t be surprising, though, since the complexities of modern processors and the PCs around them have grown to truly labyrinthian degrees.
But the latest issue affecting AMD processors is pretty big — so big, in fact, that it extends back through generations of CPUs, some of which are long out of support and may never be fixed.
The “Sinkclose” flaw allows an infected PC to run unchecked code on an AMD Ryzen processor in System Management Mode, bypassing checks in Windows and even most BIOS and UEFI setups. The issue was discovered by researchers from IOActive and shown off at Defcon.
Once compromised, these systems can be infected with bootkits that run circles around conventional security tools, including antivirus suites and Windows’ own built-in defenses. It could even be able to remain on a PC after a completely fresh operating system install.
View: Full Article
