A newly disclosed security vulnerability dubbed Sinkclose has been found to affect nearly all AMD processors released since 2006, potentially exposing millions of systems to malicious attacks. However, AMD has announced it will not be patching the flaw for many older CPU models, leaving a large number of users at risk.
What is the Sinkclose vulnerability?
Sinkclose is a critical severity flaw that allows attackers to execute malicious code within the System Management Mode (SMM) of affected AMD processors. The SMM is a highly privileged area normally reserved for critical firmware operations, making this vulnerability particularly dangerous.
Key points about Sinkclose:
- Affects AMD CPUs dating back to 2006
- Allows execution of malicious code in the privileged SMM
- Can persist after OS reinstallation, making it extremely difficult to remove
- Requires initial system compromise to exploit, but is then virtually undetectable
Which AMD processors are affected?
The vulnerability impacts a wide range of AMD processors across consumer, data center, and embedded product lines. However, AMD has stated it will only be releasing patches for more recent CPU generations.
Processors that will receive patches include:
- EPYC data center CPUs (all generations)
- Ryzen 4000 series and newer
- Threadripper 3000 series and newer
- Various embedded and mobile Ryzen processors
Notably, AMD will not be patching several popular consumer CPU lines:
- Ryzen 1000, 2000, and 3000 series
- Threadripper 1000 and 2000 series
AMD claims these older products are outside our software support window and thus ineligible for updates.
The AMD logo symbolizing the company's ongoing commitment to both innovation and security amidst vulnerabilities in older CPU models |
What are the implications for users?
The decision not to patch older CPUs leaves a significant number of systems potentially vulnerable. While AMD states there's currently no evidence of Sinkclose being exploited in the wild, the severity of the flaw is concerning.
Users of affected, unpatched systems should consider:
- Upgrading to a newer CPU if handling sensitive data
- Implementing strong security practices to prevent initial system compromise
- Being aware that antivirus software may not detect Sinkclose-based attacks
For most average users, the risk of being specifically targeted is low. However, the persistence and stealth of potential Sinkclose exploits make it a serious concern for high-value targets or systems handling sensitive information.
AMD's response and ongoing security concerns
AMD's selective patching approach highlights the challenges of long-term security support for hardware. While the company is addressing the vulnerability in current and recent products, the vast number of older, vulnerable systems in use raises questions about the long-term security implications of end-of-life hardware policies.
As processors become more complex and long-lived vulnerabilities like Sinkclose come to light, the tech industry may need to reconsider how long security support should be provided for critical hardware components.