Some of the most iconic AMD chips have a serious security flaw — which the company says it probably won't patch now

AMD logo
(Image credit: Shutterstock / JHVEPhoto)

Several chips built by AMD over the past 18 years are vulnerable to Sinkclose, a critical severity flaw which could allow malicious actors to break into the target system, basically unseen. 

While the chipmaker has already released a fix for some of the newer models, older ones - including some of the most iconic products - will not be receiving any treatment. 

This is because they have reached end of life and as such are not eligible for any support, despite being super popular with the consumers.

Ryzen 9000 not listed

"There are some older products that are outside our software support window,” AMD told Tom’s Hardware in a statement, meaning products in the Ryzen 1000, 2000, and 3000 series, as well as the Threadripper 1000 and 2000 models, are being left behind.

On the other end, all generations of AMD's EPYC processors for the data center, the latest Threadripper, and Ryzen processors, as well as the MI300A data center chips, have all been patched.

AMD added it does not expect the patches to affect the chips’ performance, which means the company still doesn’t know for certain, what the effects of the fix will be - with the full list of supported chips found on this link

It’s also worth mentioning that the latest Ryzen 9000 and Ryzen AI 300 series processors aren’t included on the list, which could mean that these weren’t vulnerable in the first place. 

The Sinkclose vulnerability allows threat actors to run malicious code inside the System Management Mode (SMM) of AMD processors, which is a high-privilege area reserved for critical firmware operations. To be able to exploit the vulnerability, an attacker would first need to compromise the endpoint separately. 

Fortunately, there is currently no evidence that any malicious actors discovered, or used, this flaw in the past.

Via Tom's Hardware

More from TechRadar Pro

TOPICS

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Read more
AMD logo
Security flaw means AMD Zen CPUs can be "jailbroken"
AMD logo
AMD patches high severity security flaw affecting Zen chips
AMD Ryzen 5 7600X processor
AMD confirms processor security flaws after Asus patch slips out early
Security
Intel slams Nvidia and AMD, claims chip giants have huge numbers of security flaws
MediaTek
MediaTek reveals host of security vulnerabilities, so patch now
An abstract image of a lock against a digital background, denoting cybersecurity.
Apple CPU security issue could let hackers steal user data from browsers
Latest in Security
Data Breach
Thousands of healthcare records exposed online, including private patient information
China
Juniper patches security flaws which could have let hackers take over your router
Representational image depecting cybersecurity protection
GitLab has patched a host of worrying security issues
Ai tech, businessman show virtual graphic Global Internet connect Chatgpt Chat with AI, Artificial Intelligence.
AI agents can be hijacked to write and send phishing attacks
China
Volt Typhoon threat group had access to American utility networks for the best part of a year
Abstract image of cyber security in action.
MassJacker malware targets those looking for pirated software
Latest in News
Google Pixel 8a in aloe green showing
Google Pixel 9a benchmark link teases the performance of the upcoming mid-ranger
Quordle on a smartphone held in a hand
Quordle hints and answers for Monday, March 17 (game #1148)
NYT Strands homescreen on a mobile phone screen, on a light blue background
NYT Strands hints and answers for Monday, March 17 (game #379)
NYT Connections homescreen on a phone, on a purple background
NYT Connections hints and answers for Monday, March 17 (game #645)
Apple iPhone 16 Pro HANDS ON
Leaked iPhone 17 dummy units may have given us our best look yet at all four models
A super close up image of the Google Gemini app in the Play Store
It's official: Google Assistant will be retired for phones this year, with Gemini taking over