AMD CPUs contain a vulnerability that allows malware to be secretly placed

Researchers are warning of a vulnerability in AMD processors that allows hackers to install malware, largely without leaving a trace. According to the researchers, the flaw is present in almost all AMD CPUs. However, it requires kernel access to exploit it.

The vulnerability allows attackers with kernel-level access to reach the System Management Mode (SMM) of AMD processors. SMM is a deep management layer with a very high level of privilege that is normally accessible only through the CPU itself, researchers from security firm IOActive told Wired.

Researchers say this access allows attackers to disable the chip’s security features and inject malicious bootkits without the operating system or antivirus software noticing. The attacker could then take full control of the system and monitor its activity. The vulnerability is said to have been present in almost all AMD processors since 2006. Because it has only just been discovered, it is possible that the bug has not yet been exploited.

On systems where AMD’s Platform Secure Boot hardware validation is misconfigured, the attack is also difficult to recover from: reinstalling the operating system, among other things, is not enough to remove the malware. According to the researchers, this was the case on the majority of the systems tested. In such cases, users can only remove the malware by physically connecting the processor to an SPI flash tool and carefully digging through the memory.

AMD confirmed the researchers’ findings to Wired. The manufacturer has released patches for its EPYC data center processors and some Ryzen CPUs to “mitigate” the issues. Fixes should also be available soon for AMD’s embedded chips, which are used in industrial equipment and cars, for example. The manufacturer has posted a list of the affected chips on its website. The vulnerability has been assigned the identifier CVE-2023-31315 and has a CVSS score of 7.5.

AMD stresses that exploiting the vulnerability is extremely difficult, as hackers would already need access to the system kernel. The manufacturer compares the bug to opening a bank vault after already getting past the alarms, the guards, and the vault door. IOActive counters that vulnerabilities giving attackers access to the kernel are regularly discovered and exploited, which would make Sinkclose exploitable in practice.
