Get all your news in one place.
100’s of premium titles.
One app.
Start reading
TechRadar
TechRadar
Sead Fadilpašić

AMD changes its mind, says it will patch more Ryzen chips against security flaw

A render of an AMD Ryzen 7000 laptop APU.

AMD has had a change of heart when it comes to patching the Sinkclose vulnerability on Ryzen 3000 desktop chips.

As per the latest update to its SMM Lock Bypass Security Bulletin, the famed silicon will receive an update after all - but other older chips, unfortunately, are still being given the cold shoulder.

It was recently revealed most AMD chips built over the past 18 years are vulnerable to Sinkclose, a critical severity flaw which could allow threat actors to break into the target system - unseen. At the time, the company said that it will be patching newer models, but older ones - especially those who had reached end-of-life - are left for dead, despite some of them being extremely popular among the consumers.

Stealing from the archives

"There are some older products that are outside our software support window,” AMD said at the time, meaning products in the Ryzen 1000, 2000, and 3000 series, as well as the Threadripper 1000 and 2000 models, were being left behind.

On the other end, all generations of AMD's EPYC processors for the data center, the latest Threadripper, and Ryzen processors, as well as the MI300A data center chips, have all been patched.

The Sinkclose vulnerability allows threat actors to run malicious code inside the System Management Mode (SMM) of AMD processors, which is a high-privilege area reserved for critical firmware operations. To be able to exploit the vulnerability, an attacker would first need to compromise the endpoint separately. Fortunately, there is currently no evidence that any malicious actors discovered, or used, this flaw in the past.

The update should arrive on August 20, 2024, meaning by the time this article gets published, the patch should be available for download.

Ryzen Threadripper 3000, Threadripper Pro 3000WX, Zen 2 EPYC (7002), Ryzen 3000 mobile, and Ryzen 3000/4000 APUs have all been patched, already. As things stand now, Zen processors are still being left for dead.

Via Tom's Hardware

More from TechRadar Pro

  • Some of the most iconic AMD chips have a serious security flaw — which the company says it probably won't patch now
  • Here's a list of the best firewall software around today
  • These are the best endpoint security tools right now
Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
One subscription that gives you access to news from hundreds of sites
Already a member? Sign in here
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.