Thursday, 3 April 2025
24.9 C
Singapore
26.8 C
Thailand
20.7 C
Indonesia
27 C
Philippines

AMD to skip patches for older chips affected by the ‘Sinkclose’ security flaw

AMD wonโ€™t patch older chips for the 'Sinkclose' flaw, leaving some processors vulnerable; users might need to upgrade for complete protection.

You might be surprised that not all AMD chips will receive updates to fix a newly discovered security vulnerability known as “Sinkclose.” Researchers from IOActive discovered this flaw, which affects many AMD processors dating back to 2006. However, AMD has decided not to release patches for several of its older chip models, leaving them exposed to potential risks.

Which chips are affected?

The “Sinkclose” vulnerability is a significant concern, especially for those managing older systems. According to a report from Wired, most AMD processors produced since 2006 are impacted by this flaw. It allows hackers to run malicious code within the chips’ System Management Mode (SMM), which is usually a secure environment thatโ€™s difficult to access. The vulnerability poses a higher risk for governments and large organisations than individual users, as exploiting it requires deep access to a system.

Despite the severity of the flaw, AMD has announced that it won’t release patches for some older chip series. These include the Ryzen 1000, 2000, and 3000 series and the Threadripper 1000 and 2000 series. AMD explained that these chips are considered “older products outside our software support window.” In other words, they no longer fall under the period during which AMD provides regular software updates and security patches.

What’s the impact?

This means that users of these older chip models’ systems will remain vulnerable to the Sinkclose flaw unless they upgrade to newer hardware. The decision to exclude these older chips from the patching process could leave many legacy systems at risk, especially in environments where upgrading hardware isn’t always feasible.

While AMD has assured users that newer models and all embedded processors will receive the necessary patches, those still using older processors may need to reconsider their options. The company’s focus on more recent hardware means that if youโ€™re using one of the unsupported chips, you might be on your own in terms of security.

The Sinkclose flaw’s potential impact must be balanced, particularly in environments where security is paramount. However, AMD’s decision reflects a standard industry practice where older hardware loses support as companies shift resources to newer products. While this is understandable from a business perspective, it does leave certain users in a difficult position.

What should you do?

If you’re running one of the older AMD processors affected, consider assessing the security risks to your systems. The risk may be minimal for individuals, but for businesses or organisations, especially those handling sensitive information, it could be a different story. Upgrading to newer hardware might be necessary to ensure your systems are fully protected.

The discovery of the Sinkclose vulnerability reminds us of the importance of keeping our hardware and software up to date. Security flaws like these can emerge at any time, and the best defence is to ensure that our systems are running on supported, regularly updated hardware.

Hot this week

Perplexity CEO dismisses financial concerns, confirms no IPO before 2028

Perplexity CEO Aravind Srinivas denies financial troubles, confirms the company has no plans for an IPO before 2028, and explains product changes.

Roblox introduces new parental controls to enhance child safety

Roblox introduces new parental controls, allowing parents to block games, restrict friends, and monitor their childโ€™s activity for better safety.

Huawei reports 38% revenue surge as smartphone sales soar

Despite US sanctions, Huaweiโ€™s consumer business revenue surged 38% in 2024, driven by strong smartphone sales and home-grown chip production.

Krafton strengthens presence in India with Nautilus Mobile acquisition

Krafton acquires a controlling stake in Indian gaming studio Nautilus Mobile for US$14M, strengthening its foothold in Indiaโ€™s growing gaming market.

World Backup Day 2025 highlights the shift from backup to restore in AI-driven era

Pure Storage calls for a shift from backup to rapid restore on World Backup Day 2025, highlighting AIโ€™s demand for resilient data recovery.

Qualcomm expands AI research with MovianAI acquisition

Qualcomm has acquired Vietnamese AI research firm MovianAI to boost its AI development in smartphones, PCs, and software-defined vehicles.

Roblox introduces new parental controls to enhance child safety

Roblox introduces new parental controls, allowing parents to block games, restrict friends, and monitor their childโ€™s activity for better safety.

Anthropic introduces Claude for Education, a new AI chatbot plan for universities

Anthropic launches Claude for Education, an AI chatbot plan for universities that offers advanced learning tools and administration support.

Exabeam introduces Nova, an agentic AI that boosts cybersecurity operations

Exabeam unveils Nova, a proactive AI agent that boosts security team productivity and reduces incident investigation time by over 50%.

Related Articles