Gigabyte details BIOS roll-out plan to neutralize Sinkclose vulnerability — eligible AMD CPUs should be patched by end of the month

[Pelican Press 0]

This is the hidden content, please

• Sign In
• or
• Sign Up

Gigabyte details BIOS roll-out plan to neutralize Sinkclose vulnerability — eligible AMD CPUs should be patched by end of the month

data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///ywAAAAAAQABAAACAUwAOw==

Gigabyte published an

This is the hidden content, please

• Sign In
• or
• Sign Up

stating it will release the new BIOS with the latest AGESA containing the ‘Sinkclose’ vulnerability patch for many of its AMD motherboards in succession by the end of August. The flaw exclusively affected the entire line of AMD processors released since 2006, requiring a wide range of CPUs to be updated with a new firmware containing the required AGESA microcode.

Considering the potential of this flaw and the release of the much-needed AGESA patches, it’s a norm for other motherboard makers to release the patched BIOS quickly once the AGESA patch is out. It’s safe to speculate since hackers did not exploit this for 18 years, it’s unlikely users would need to be concerned until they receive the BIOS for their AMD motherboards. That said, end users must update the respective motherboard BIOS once it is released. Since many motherboard makers like Gigabyte have included tools to flash BIOS quickly, it will not be difficult for most.

Only three days ago, AMD decided to patch the Sinkclose vulnerability on its Ryzen 3000 series desktop process, coming close to patching all the CPUs released since 2006. The company did assure at an earlier date that there is no impact expected once the new AGESA-included BIOS are installed on respective motherboards. The following chipsets are the ones that will be patched, along with their BIOS AGESA versions:

Swipe to scroll horizontally

Motherboard Models	BIOS AGESA version
AM5 600 series	AMD AGESA 1.2.0.1 for Ryzen 8000/ 7000-series Processors
AM4 500/ 400/ 300 series	AMD AGESA 1.2.0.Cb for Ryzen 5000/ 5000G/ 4000G-series Processors AMD AGESA 1.2.0.Cc for Ryzen 3000-series Processors
sTRX4 TRX40 series	AMD AGESA 1.0.0.B for Ryzen Threadripper 3000-series Processors
sTR5 TRX50 series	AMD AGESA 1.1.0.0f for Ryzen Threadripper PRO 7000/ Ryzen Threadripper 7000-series Processors

As a quick recap, the Sinkclose vulnerability allows the hacker to gain access to the AMD processor’s System Management mode, allowing them to exploit the system’s kernel provided the system is already affected by another *******. Though this is difficult, due to the wide range of AMD processors sold since 2006, this puts many users at potential risk. 

Researchers have detected many such risks earlier, who then responsibly warn the public and inform the company with the necessary details. Some mitigations have performance loss to a certain extent after the patch. Many security researchers have done this for all chipmakers over the years, which has helped countless users. Naturally, the solution would need to come from the chipmaker, who then ships it to a partnered motherboard maker.

Since they’re not on the BIOS deployment plan, we’ve contacted AMD to clarify whether the latest Ryzen 9000 and Ryzen AI 300 processors were patched before their release. However, the chipmaker hasn’t responded to our inquiry.

Get Tom’s Hardware’s best news and in-depth reviews, straight to your inbox.

This is the hidden content, please

• Sign In
• or
• Sign Up

#Gigabyte #details #BIOS #rollout #plan #neutralize #Sinkclose #vulnerability #eligible #AMD #CPUs #patched #month

This is the hidden content, please

• Sign In
• or
• Sign Up

This is the hidden content, please

• Sign In
• or
• Sign Up

For verified travel tips and real support, visit: https://hopzone.eu/