Skip to main content
  1. Home
  2. Computing
  3. News

Millions of AMD chips are being ignored in major security flaw fix

By
CPU pads on the AMD Ryzen 7 9700X.
Jacob Roach / Digital Trends

Hundreds of millions of AMD CPUs are facing a new vulnerability called Sinkhole. The exploit, which was first reported by Wired, impacts processors dating back to 2006, and it spans nearly all of AMD’s products. That list includes Ryzen, Threadripper, and Epyc CPUs across desktop and mobile, as well as AMD’s data center GPUs. Despite Sinkhole hitting some of AMD’s best processors, only the most recent batch of chips will receive a patch that fixes the vulnerability.

AMD isn’t patching Ryzen 1000, 2000, or 3000 processors, nor is it patching Threadripper 1000 and 2000 CPUs, reports Tom’s Hardware. The company claims that these older CPUs fall outside of its support window, despite the fact that millions are still in use. Still, even the most recent Ryzen 3000 chips were released over five years ago, and it makes sense that AMD would want to focus its support on new chips like the Ryzen 5 9600X and Ryzen 7 9700X.

Recommended Videos

Make no mistake, Sinkhole is a major security flaw. However, it’s not an exploit the vast majority of users need to worry about. Sinkhole, which was discovered by researchers at IOActive, allows attackers to run code in System Management Mode. This operating mode allows close access to the hardware, and it’s where you’ll find firmware running for power management settings, for example. Wired reports that the malware can dig down so deep that it’s easier to discard an infected computer rather than repair it.

Get your weekly teardown of the tech behind PC gaming
Check your inbox!
Privacy Policy

Sounds scary, but an attacker would already need to have deeply infected your PC in order for Sinkhole to play a role. The researchers pointed to something like a bootkit as an example, which runs malicious code before the operating system loads in order to evade antivirus software. AMD says that attackers would already need access to the OS kernel in order for Sinkhole to be on the table. In other words, it would need to be a highly targeted attack on a severely compromised PC. It’s an exploit that should almost never occur on a consumer PC.

Anyone targeted by Sinkhole should get ready for trouble. The researchers say the exploit is so deep that it wouldn’t be picked up antivirus software, regardless of how sophisticated it is, and that malicious code can persist even through a reinstall of the operating system.

AMD has or is going to release a patch for its most recent chips. For consumers, that includes mobile processors dating back to AMD Athlon 3000, and for desktop, we’re talking processors dating back to Ryzen 5000. Although you shouldn’t worry much that Sinkhole will be exploited on your PC, it’s a good idea to patch your processor regardless. AMD says the update won’t come with a performance loss, and a little extra security never hurt anyone.

Editors’ Recommendations

Topics
Jacob Roach
Jacob Roach
Lead Reporter, PC Hardware
Jacob Roach is the lead reporter for PC hardware at Digital Trends. In addition to covering the latest PC components, from…
AMD has nothing to lose, and that’s the problem
AMD CEO holding a Ryzen 7000 processor.

Being the underdog has its benefits. AMD's been running on the sheer momentum of its uphill battle against Intel -- and it's been working.

Over the past seven years, AMD has gone from being a second-rate CPU builder, only judged by its undercutting of the competition from Intel, to an absolute titan. Each generation, it has consistently released some of the best processors money can buy, and even when Intel bites back, AMD holds strong.

Read more
I tested the Ryzen 9 9950X against the Core i9-14900K, and it isn’t pretty
The Ryzen 9 9950X socketed in a motherboard.

AMD said its new Ryzen 9 9950X would be the best processor the world has ever seen, but it's not off to a great start. As you can read in our Ryzen 9 9950X and Ryzen 9 9900X review, AMD's latest flagship provides a few key advantages, but barely moves the needle in several other benchmarks.

Intel's competing Core i9-14900K is proving itself surprisingly relevant in the face of new Zen 5 CPUs, especially considering its lower price. Both of these CPUs are monsters when it comes to gaming and productivity, there's no doubt about that. But contrary to the past few years of CPUs releases, Intel actually has the upper hand in this battle.
Specs

Read more
No one is buying AMD’s new Zen 5 CPUs, and it’s painfully obvious why
The Ryzen 9 9900X sitting on its box.

AMD's new Ryzen 5 9600X and Ryzen 7 9700X, which were aimed at claiming a spot among the best processors, are off to a rocky start. According to early sales numbers from German retailer Mindfactory, the number of new AMD CPUs the website has shipped is only in the double digits, despite being on the market for nearly a week.

Mindfactory is only one retailer, but it actually displays the number of products it sold on its website. The Ryzen 5 9600X has seen over 20 sales, while the Ryzen 7 9700X has had over 30. You can see the lack of enthusiasm for Zen 5 CPUs elsewhere, though. On Amazon's bestsellers page, the last-gen Ryzen 7 7800X3D ranks in the first spot. The first Zen 5 CPU on the list, the Ryzen 7 9700X, is in 47th place.

Read more