Quoted By:
>Advanced Micro Devices Inc (NASDAQ:AMD) has warned about a critical vulnerability named “SinkClose,” which affects multiple generations of its EPYC, Ryzen, and Threadripper processors.
>What Happened? The flaw allows attackers with Kernel-level (Ring 0) privileges to escalate to Ring -2 privileges, high-level access associated with System Management Mode (SMM), where they can install virtually undetectable malware, Bleeping Computer reports.
>IOActive researchers Enrique Nissim and Krzysztof Okupski discovered that the flaw allows attackers to alter SMM settings even when security measures like SMM Lock are enabled.
>The researchers will present their findings at the upcoming DefCon event, shedding light on a flaw that has remained undetected for nearly two decades and impacts a broad range of AMD chip models.