High-Risk Security Vulnerability Found in AMD Processors, But No Patch for RYZEN 1000/2000/3000 Series

Security researchers have discovered a high-risk security vulnerability in AMD processors, affecting all processor products released by AMD since 2006. The vulnerability has been named Sinkclose.

The principle of the Sinkclose vulnerability is complex, with the main issue being the presence of System Management Mode (SMM) on AMD chips. SMM has the highest level of privileges on a computer.

If the vulnerability is successfully exploited to gain access to SMM, it would allow the execution of malicious code that antivirus software cannot detect. This malicious code could access all parts of the computer.

Researchers also warn that malicious code could hide within firmware, rendering scans and repairs by the operating system ineffective. For security-conscious users, once attacked, the best course of action might be to dispose of the computer.

After investigation, AMD confirmed the vulnerability reported by researchers. This vulnerability has been classified as high-risk rather than critical. Why is that? Although the vulnerability's impact is significant, exploitation is also highly challenging. Hackers would need to obtain advanced system privileges beforehand. In such cases, hackers can already do much, but successfully exploiting Sinkclose could further ensure persistence.

Most AMD processors are vulnerable and require a patch for mitigation. However, AMD has decided not to release a fix for some older processors.

Processors that will not receive a patch include:

• AMD RYZEN 3000 series
• AMD RYZEN 2000 series
• AMD RYZEN 1000 series
• AMD Threadripper 2000 series
• AMD Threadripper 1000 series

As for the reasons for not providing a fix, AMD states that these products are beyond their software support lifecycle. In simple terms, regardless of any vulnerabilities discovered, AMD will not issue fixes. Users are left with the choice of either remaining at risk or discarding these older CPUs for newer ones.