A new vulnerability called Sinkhole has been discovered in hundreds of millions of AMD CPUs. This exploit impacts processors dating back to 2006 and affects almost all of AMD’s products, including Ryzen, Threadripper, and Epyc CPUs across desktop and mobile platforms, as well as AMD’s data center GPUs. However, only the most recent batch of chips will receive a patch to fix this vulnerability, as reported by Wired.
According to Tom’s Hardware, AMD will not be patching older CPUs such as Ryzen 1000, 2000, and 3000 processors, along with Threadripper 1000 and 2000 CPUs, citing that these models are outside their support window. Despite the significant security risks posed by Sinkhole, the majority of users may not be directly impacted by this exploit.
The Sinkhole vulnerability allows attackers to run code in System Management Mode, providing them with close access to the hardware, including firmware for power management settings. While this is a serious flaw, it requires a deeply infected PC for the exploit to work effectively. It’s unlikely to affect the average consumer unless their system has already been compromised with malware like a bootkit.
Get your weekly teardown of the tech behind PC gaming
AMD has either released or is planning to release a patch for its most recent chips, covering mobile processors from AMD Athlon 3000 and desktop processors from Ryzen 5000 onwards. While the likelihood of the Sinkhole exploit being utilized on consumer PCs is low, it’s recommended to apply the patch for added security. AMD assures that the update will not result in any performance loss, prioritizing user safety.
