'ZDNET Recommends': What exactly does it mean?
ZDNET's recommendations are based on many hours of testing, research, and comparison shopping. We gather data from the best available sources, including vendor and retailer listings as well as other relevant and independent reviews sites. And we pore over customer reviews to find out what matters to real people who already own and use the products and services we’re assessing.
When you click through from our site to a retailer and buy a product or service, we may earn affiliate commissions. This helps support our work, but does not affect what we cover or how, and it does not affect the price you pay. Neither ZDNET nor the author are compensated for these independent reviews. Indeed, we follow strict guidelines that ensure our editorial content is never influenced by advertisers.
ZDNET's editorial team writes on behalf of you, our reader. Our goal is to deliver the most accurate information and the most knowledgeable advice possible in order to help you make smarter buying decisions on tech gear and a wide array of products and services. Our editors thoroughly review and fact-check every article to ensure that our content meets the highest standards. If we have made an error or published misleading information, we will correct or clarify the article. If you see inaccuracies in our content, please report the mistake via this form.
'SinkClose' AMD CPU vulnerability explained: How dangerous is it really?
Worrying computer news always comes out of the hacker convention Defcon -- and this year was no different. A pair of security researchers, Enrique Nissim and Krzysztof Okupski from security specialist IOActive, announced they'd found a nasty CPU vulnerability, which they named SinkClose.
The flaw endangers essentially all -- yes, all -- AMD processors made since 2006. As I sit here using my brand-new, eight-core 3.8 GHz AMD Ryzen 7 processor-powered HP Pavilion Desktop TP01-223, I am not amused.
Also: The best VPN services (and how to choose the right one for you)
According to an IOActive statement: "The vulnerability is nearly impossible to fix in computers that aren't configured correctly, which is the case for most systems. In properly configured systems, the vulnerability could lead to malware infections -- known as bootkits -- that are nearly impossible to detect."
Digging deeper, SinkClose, officially CVE-2023-31315, can attack multiple generations of EPYC, Ryzen, and Threadripper processors. It has a Common Vulnerability Scoring System (CVSS) score of 7.5, which means it's a serious vulnerability.
Also: You can upgrade your old PC to Windows 11 - even if Microsoft says it's 'incompatible'. Here's how
This vulnerability allows attackers with kernel-level access to escalate privileges to System Management Mode (SMM), a highly privileged state within the CPU. This access, in turn, can enable a hacker to install undetectable malware, making it a severe threat to system security.
That threat sounds scary, but you should note that actors must have "kernel-level" access to attack your system properly. No one's likely to get that level of access to the PC on my or your desktop. Getting that kind of access is too much trouble for too little value. If you have servers, data centers, and clouds, though, it's another story.
Still, as AMD maintained in a note to Dark Reading, SinkClose alone is like: "having the knowledge to break into a safe deposit box at the bank. In the real world, to get to the box, a burglar must first get past the alarms, the guards, the vault door, and its own locks, clearly not an easy task."
Also: Intel chip bug: Which PCs are affected, how to get the patch, and everything else to know
AMD has released security updates to address SinkClose in its newer and most powerful processors, such as the EPYC data center processors and the latest Ryzen models. However, some of its older and still-popular chips, such as the Ryzen 3000, 2000, and 1000 chips, won't be getting patches.
So, what can you do about the issue? Let's go over your options.
First, the complete vulnerability list covers the following processors:
EPYC 1st, 2nd, 3rd, and 4th generations
EPYC Embedded 3000, 7002, 7003, and 9003, R1000, R2000, 5000, and 7000
Ryzen Embedded V1000, V2000, and V3000
Ryzen 3000, 5000, 4000, 7000, and 8000 series
Ryzen 3000 Mobile, 5000 Mobile, 4000 Mobile, and 7000 Mobile series
Ryzen Threadripper 3000 and 7000 series
AMD Threadripper PRO (Castle Peak WS SP3, Chagall WS)
AMD Athlon 3000 series Mobile (Dali, Pollock)
AMD Instinct MI300A
To protect the more recent version of these CPUs, you'll need to ensure your system's BIOS is updated with the latest AMD patches.
Also: What CPU and motherboard do I have? Here are some fast and easy ways to find out
Check with your PC vendor or motherboard manufacturer to see what's available.
As always, you should protect your system with system updates, the correct use of passwords, and two-factor authentication (2FA). After all, if you can keep an attacker out of your system in the first place, they'll never be able to use SinkClose to pry your CPU open.
If you're using an older, unpatched processor, I'd give AMD a piece of your mind. If enough people demand the fixes, the company will issue patches.
Also: Stop paying for third-party antivirus software. Here's why
If you'd rather not wait to see if AMD does the right thing, especially if you're using older AMD CPUs in your servers, you should grit your teeth and buy new computers.
We might get lucky and this threat may become a molehill rather than a mountain. But when it comes to security, I don't believe in luck. I'm already taking steps to protect my AMD-powered machines -- and you should, too.