Lädt...


📰 'Sinkclose' Flaw in Hundreds of Millions of AMD Chips Allows Deep, Virtually Unfixable Infections


Nachrichtenbereich: 📰 IT Security Nachrichten
🔗 Quelle: it.slashdot.org

An anonymous reader quotes a report from Wired: Security flaws in your computer's firmware, the deep-seated code that loads first when you turn the machine on and controls even how its operating system boots up, have long been a target for hackers looking for a stealthy foothold. But only rarely does that kind of vulnerability appear not in the firmware of any particular computer maker, but in the chips found across hundreds of millions of PCs and servers. Now security researchers have found one such flaw that has persisted in AMD processors for decades, and that would allow malware to burrow deep enough into a computer's memory that, in many cases, it may be easier to discard a machine than to disinfect it. At the Defcon hacker conference tomorrow, Enrique Nissim and Krzysztof Okupski, researchers from the security firm IOActive, plan to present a vulnerability in AMD chips they're calling Sinkclose. The flaw would allow hackers to run their own code in one of the most privileged modes of an AMD processor, known as System Management Mode, designed to be reserved only for a specific, protected portion of its firmware. IOActive's researchers warn that it affects virtually all AMD chips dating back to 2006, or possibly even earlier. Nissim and Okupski note that exploiting the bug would require hackers to already have obtained relatively deep access to an AMD-based PC or server, but that the Sinkclose flaw would then allow them to plant their malicious code far deeper still. In fact, for any machine with one of the vulnerable AMD chips, the IOActive researchers warn that an attacker could infect the computer with malware known as a "bootkit" that evades antivirus tools and is potentially invisible to the operating system, while offering a hacker full access to tamper with the machine and surveil its activity. For systems with certain faulty configurations in how a computer maker implemented AMD's security feature known as Platform Secure Boot -- which the researchers warn encompasses the large majority of the systems they tested -- a malware infection installed via Sinkclose could be harder yet to detect or remediate, they say, surviving even a reinstallation of the operating system. Only opening a computer's case, physically connecting directly to a certain portion of its memory chips with a hardware-based programming tool known as SPI Flash programmer and meticulously scouring the memory would allow the malware to be removed, Okupski says. Nissim sums up that worst-case scenario in more practical terms: "You basically have to throw your computer away." In a statement shared with WIRED, AMD said it "released mitigation options for its AMD EPYC datacenter products and AMD Ryzen PC products, with mitigations for AMD embedded products coming soon." The company also noted that it released patches for its EPYC processors earlier this year. It did not answer questions about how it intends to fix the Sinkclose vulnerability.

Read more of this story at Slashdot.

...

📰 'Sinkclose' Flaw in Hundreds of Millions of AMD Chips Allows Deep, Virtually Unfixable Infections


📈 148.33 Punkte
📰 IT Security Nachrichten

📰 ‘Hundreds Of Millions’ Of iPhones Vulnerable To New ‘Unfixable’ Hack


📈 46.56 Punkte
📰 IT Security Nachrichten

📰 Researchers discover that Intel chips have an unfixable security flaw


📈 41.54 Punkte
📰 IT Security Nachrichten

📰 Sinkclose: Katastrophale Schwachstelle in AMD-Chips entdeckt


📈 38.19 Punkte
📰 IT Security Nachrichten

📰 New AMD SinkClose flaw helps install nearly undetectable malware


📈 36.75 Punkte
📰 IT Security Nachrichten

📰 'Unfixable' hole in Intel ROM exposes all but latest chips to attack


📈 34.26 Punkte
📰 IT Security Nachrichten

📰 Researcher Finds Unfixable Yet Tricky to Exploit Flaw in Yubikeys


📈 32.81 Punkte
📰 IT Security Nachrichten

📰 Apple's T2 Security Chip Has an Unfixable Flaw


📈 32.81 Punkte
📰 IT Security Nachrichten

📰 Intel SGX is vulnerable to an unfixable flaw that can steal crypto keys and more


📈 32.81 Punkte
📰 IT Security Nachrichten

📰 That terrifying 'unfixable' Microsoft Skype security flaw: THE TRUTH


📈 32.81 Punkte
📰 IT Security Nachrichten

🎥 Proactive Product Security Assurance Avoids Sinkclose | Chips & Salsa | Intel


📈 32.59 Punkte
🎥 Video | Youtube

📰 Sinkclose trifft AMD: CPU-Lücke macht Malware-Infektionen nahezu unumkehrbar


📈 29.47 Punkte
📰 IT Nachrichten

📰 AMD knickt ein: Ryzen 3000 erhält nun doch Patch gegen Sinkclose-Lücke


📈 29.47 Punkte
📰 IT Nachrichten

📰 AMD Patched The Newly Disclosed SinkClose CPU Vulnerability


📈 29.47 Punkte
📰 IT Security Nachrichten

📰 'SinkClose' AMD CPU vulnerability explained: How dangerous is it really?


📈 29.47 Punkte
📰 IT Nachrichten

📰 The AMD SinkClose security hole is dangerous. Here's how to protect your systems


📈 29.47 Punkte
📰 IT Nachrichten

📰 Sinkclose: Alle AMD-Prozessoren seit 2006 von schwerer Sicherheitslücke betroffen


📈 29.47 Punkte
📰 IT Security Nachrichten

📰 AMD Says New Sinkclose CPU Vulnerability Only Affects ‘Seriously Breached Systems’


📈 29.47 Punkte
📰 IT Security Nachrichten

📰 AMD won’t patch Sinkclose security bug on older Zen CPUs


📈 29.47 Punkte
📰 IT Security Nachrichten

🪟 Sinkclose: Sicherheitslücke in Millionen von AMD-CPUs - ZDNet.de


📈 29.47 Punkte
🪟 Windows Server

📰 Sicherheitslücke: Sinkclose betrifft alle AMD-CPUs seit fast 20 Jahren


📈 29.47 Punkte
📰 IT Nachrichten

📰 Sinkclose: Sicherheitslücke in Millionen von AMD-CPUs


📈 29.47 Punkte
📰 IT Nachrichten

📰 AMD addresses Sinkclose vulnerability but older processors left unattended


📈 29.47 Punkte
📰 IT Security Nachrichten

📰 Sinkclose: Sicherheitslücke in AMD-Prozessoren entdeckt


📈 29.47 Punkte
📰 IT Nachrichten

📰 AMD Sinkclose: Sicherheitslücke betrifft Mio. von CPUs und wird nicht bei allen geschlossen


📈 29.47 Punkte
📰 IT Nachrichten

📰 Sinkclose: AMD fixt große Sicherheitslücke, nicht alle CPUs erhalten Hilfe


📈 29.47 Punkte
📰 IT Security Nachrichten

📰 Sinkclose trifft AMD: CPU-Lücke macht Malware-Infektionen nahezu unumkehrbar


📈 29.47 Punkte
📰 IT Security Nachrichten

📰 Police Warn Hundreds of Online Merchants of Skimmer Infections


📈 29.26 Punkte
📰 IT Security Nachrichten

🕵️ jQuery JavaScript library flaw opens the doors for attacks on hundreds of millions of websites


📈 28.3 Punkte
🕵️ Hacking

🕵️ iShutdown lightweight method allows to discover spyware infections on iPhones


📈 27.64 Punkte
🕵️ Hacking

🎥 How Companies Profit off Unfixable Devices (ft. Louis Rossmann)


📈 25.53 Punkte
🎥 Videos

🎥 Apple’s Unfixable Vulnerability - ThreatWire


📈 25.53 Punkte
🎥 IT Security Video

matomo