• @breadsmasher@lemmy.world
    link
    fedilink
    94 months ago

    Not quite a nothingburger

    Nissim and Okupski note that exploiting the bug would require hackers to already have obtained relatively deep access to an AMD-based PC or server, but that the Sinkclose flaw would then allow them to plant their malicious code far deeper still. In fact, for any machine with one of the vulnerable AMD chips, the IOActive researchers warn that an attacker could infect the computer with malware known as a “bootkit” that evades antivirus tools and is potentially invisible to the operating system, while offering a hacker full access to tamper with the machine and surveil its activity.

    • @Auli@lemmy.ca
      link
      fedilink
      14 months ago

      Woudn’t secure boot catch this as long as you don’t have one of the boards with the do not use key.

    • BlackLaZoR
      link
      fedilink
      -24 months ago

      I know, but this requires a supply chain attack - not a likely thing to happen,

      • @breakingcups@lemmy.world
        link
        fedilink
        34 months ago

        This does not require a supply chain attack, just a user ignorantly clicking yes on a UAC prompt. After which the machine is forever compromised, even after replacing ssds / hdds.

          • @Breadhax0r@lemmy.world
            link
            fedilink
            24 months ago

            From my understanding it allows malicious code to be installed in protected memory on the CPU itself, so you can’t get rid of it once it’s there without a lot of extra work