{"id":870,"date":"2022-08-11T00:12:36","date_gmt":"2022-08-11T00:12:36","guid":{"rendered":"https:\/\/mostaqbal-watan.org\/?p=870"},"modified":"2024-08-25T00:19:01","modified_gmt":"2024-08-25T00:19:01","slug":"amd-yuksek-riskli-sinkclose-guvenlik-acigini-duyurdu","status":"publish","type":"post","link":"https:\/\/mostaqbal-watan.org\/amd-yuksek-riskli-sinkclose-guvenlik-acigini-duyurdu\/","title":{"rendered":"AMD, y\u00fcksek riskli Sinkclose g\u00fcvenlik a\u00e7\u0131\u011f\u0131n\u0131 duyurdu!"},"content":{"rendered":"\n

AMD, y\u00fcksek riskli Sinkclose g\u00fcvenlik a\u00e7\u0131\u011f\u0131n\u0131 duyurdu!<\/h2>\n\n\n\n

AMD<\/a>, Sinkclose yeni bir g\u00fcvenlik a\u00e7\u0131\u011f\u0131n\u0131 daha duyurdu! \u0130\u015fin k\u00f6t\u00fc yan\u0131, bu a\u00e7\u0131k d\u00fcnya genelinde milyonlarca Ryzen ve EPYC i\u015flemciyi etkileyebilir. Sinkclose olarak adland\u0131r\u0131lan bu g\u00fcvenlik a\u00e7\u0131\u011f\u0131, \u201cCVE-2023-31315\u201d koduyla kay\u0131tlara ge\u00e7ti. A\u00e7\u0131k, sald\u0131rganlar\u0131n sistemin en k\u0131r\u0131lgan b\u00f6lgelerinden biri olan \u201csistem y\u00f6netim modu\u201d (SMM) i\u00e7inde zararl\u0131 kod \u00e7al\u0131\u015ft\u0131rmas\u0131na izin veriyor. Peki nas\u0131l \u00f6nlem al\u0131n\u0131r?<\/p>\n\n\n\n

AMD<\/a>, y\u00fcksek riskli Sinkclose g\u00fcvenlik a\u00e7\u0131\u011f\u0131 i\u00e7in harekete ge\u00e7ti: Milyonlarca Ryzen ve EPYC i\u015flemci etkileniyor
Bu, ciddi g\u00fcvenlik endi\u015felerine yol a\u00e7abilecek bir vaziyet, \u00e7\u00fcnk\u00fc SMM\u2019de \u00e7al\u0131\u015fan bir sald\u0131r\u0131 kodu, antivirus yaz\u0131l\u0131mlar\u0131 taraf\u0131nca tespit edilemeyen bootkit \u015feklinde k\u00f6t\u00fc fakat\u00e7l\u0131 yaz\u0131l\u0131mlar vas\u0131tas\u0131yla ger\u00e7ekle\u015febilir. Peki, nedir bu Sinkclose?<\/p>\n\n\n\n

\"amd\"
amd<\/figcaption><\/figure>\n\n\n\n

Sinkclose, \u00f6zellikle sistem y\u00f6netim modu (SMM) ad\u0131nda olan ve i\u015flemcilerin \u00f6zel bir \u00e7al\u0131\u015fma modu olan SMM\u2019de ortaya \u00e7\u0131kan bir g\u00fcvenlik a\u00e7\u0131\u011f\u0131d\u0131r. SMM, geli\u015fmi\u015f g\u00fc\u00e7 y\u00f6netimi ve i\u015fletim sistemi ba\u011f\u0131ms\u0131z fonksiyonlar\u0131 sa\u011flamak amac\u0131yla tasarlanm\u0131\u015f ve sadece sistem y\u00f6netim kesintisi (SMI) y\u00f6ntemiyle bu moda eri\u015filebilir.<\/p>\n\n\n\n

Bu mod, geleneksel CPU i\u015flevlerinden ba\u011flar\u0131ms\u0131z olarak \u00e7al\u0131\u015f\u0131r ve sistemin genel g\u00fcvenli\u011fi a\u00e7\u0131s\u0131ndan ele\u015ftiri bir \u00f6neme haiz. Ancak, Sinkclose a\u00e7\u0131\u011f\u0131, sald\u0131rganlar\u0131n SMM moduna s\u0131zarak, zararl\u0131 kod \u00e7al\u0131\u015ft\u0131rmas\u0131na izin veriyor. Peki, hangi i\u015flemciler etkileniyor?<\/p>\n\n\n\n

AMD\u2019nin yay\u0131nlad\u0131\u011f\u0131 g\u00fcvenlik b\u00fcltenine nazaran, bu g\u00fcvenlik a\u00e7\u0131\u011f\u0131, Ryzen 3000 serisi ve ilk nesil EPYC i\u015flemciler ba\u015fta olmak \u00fczere, daha yeni birolduk\u00e7a i\u015flemciyi etkiliyor. Bu g\u00fcvenlik a\u00e7\u0131\u011f\u0131ndan etkilenen CPU\u2019lar, d\u00fcnya \u00e7ap\u0131nda milyonlarca kullan\u0131c\u0131ya ula\u015fm\u0131\u015f durumda.<\/p>\n\n\n\n

AMD, bu a\u00e7\u0131\u011f\u0131n etkilerini azaltmak i\u00e7in yeni firmware ve mikro kod g\u00fcncellemeleri sunmaya ba\u015flad\u0131. Ancak, Ryzen 3000 serisi masa\u00fcst\u00fc i\u015flemciler i\u00e7in hen\u00fcz bir d\u00fczeltme planlanmad\u0131. Bu da bu seriyi kullanan kullan\u0131c\u0131lar i\u00e7in \u00f6nemli bir g\u00fcvenlik riski anlam\u0131na geliyor. Peki, \u00e7\u00f6z\u00fcm i\u00e7in ne yapmak gerekiyor?<\/p>\n\n\n\n

AMD, Sinkclose g\u00fcvenlik a\u00e7\u0131\u011f\u0131n\u0131 hafifletmek i\u00e7in etkilenen i\u015flemcilere y\u00f6nelik firmware ve mikro kod g\u00fcncellemeleri yay\u0131nlad\u0131. Bu g\u00fcncellemeler, sald\u0131rganlar\u0131n SMM moduna eri\u015fimini zorla\u015ft\u0131racak ve bu t\u00fcr sald\u0131r\u0131lar\u0131n ger\u00e7ekle\u015fmesini engellemeye \u00e7al\u0131\u015facak. AMD, kullan\u0131c\u0131lar\u0131n bu g\u00fcncellemeleri m\u00fcmk\u00fcn olan en k\u0131sa s\u00fcrede y\u00fcklemelerini \u00f6neriyor.<\/p>\n\n\n\n

\u00d6zellikle kurumsal d\u00fczeyde kullan\u0131lan EPYC i\u015flemciler i\u00e7in bu g\u00fcncellemelerin yap\u0131lmas\u0131, sistemlerin g\u00fcvenli\u011fini sa\u011flamak ad\u0131na kritik bir \u00f6neme haiz. Kullananlar\u0131n, sistem y\u00f6netim yaz\u0131l\u0131mlar\u0131n\u0131 ve BIOS g\u00fcncellemelerini d\u00fczenli olarak denetim etmeleri ve g\u00fcncellemeleri yapmalar\u0131, bu t\u00fcr g\u00fcvenlik a\u00e7\u0131klar\u0131na kar\u015f\u0131 korunmalar\u0131n\u0131 sa\u011flayabilir.<\/p>\n\n\n\n

Ayr\u0131ca, AMD Ryzen 3000 serisi i\u015flemcilerde de benzer riskler mevcut. \u00d6zellikle bireysel kullan\u0131c\u0131lar i\u00e7in, bu t\u00fcr bir g\u00fcvenlik a\u00e7\u0131\u011f\u0131n\u0131n fark\u0131nda olmamak, sistemlerini savunmas\u0131z b\u0131rakabilir. Bu y\u00fczden, kullan\u0131c\u0131lar\u0131n bu t\u00fcr g\u00fcncellemeleri ihmal etmemeleri ve sistemlerini tertipli olarak kontrol etmeleri b\u00fcy\u00fck \u00f6nem ta\u015f\u0131yor.<\/p>\n","protected":false},"excerpt":{"rendered":"

AMD, y\u00fcksek riskli Sinkclose g\u00fcvenlik a\u00e7\u0131\u011f\u0131n\u0131 duyurdu! AMD, Sinkclose yeni bir g\u00fcvenlik a\u00e7\u0131\u011f\u0131n\u0131 daha duyurdu! \u0130\u015fin k\u00f6t\u00fc yan\u0131, bu a\u00e7\u0131k d\u00fcnya genelinde milyonlarca Ryzen ve EPYC i\u015flemciyi etkileyebilir. Sinkclose olarak adland\u0131r\u0131lan bu g\u00fcvenlik a\u00e7\u0131\u011f\u0131, \u201cCVE-2023-31315\u201d koduyla kay\u0131tlara ge\u00e7ti. A\u00e7\u0131k, sald\u0131rganlar\u0131n sistemin en k\u0131r\u0131lgan b\u00f6lgelerinden biri olan \u201csistem y\u00f6netim modu\u201d (SMM) i\u00e7inde zararl\u0131 kod \u00e7al\u0131\u015ft\u0131rmas\u0131na izin… Daha fazlas\u0131n\u0131 oku »AMD, y\u00fcksek riskli Sinkclose g\u00fcvenlik a\u00e7\u0131\u011f\u0131n\u0131 duyurdu!<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":871,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"neve_meta_sidebar":"","neve_meta_container":"","neve_meta_enable_content_width":"","neve_meta_content_width":0,"neve_meta_title_alignment":"","neve_meta_author_avatar":"","neve_post_elements_order":"","neve_meta_disable_header":"","neve_meta_disable_footer":"","neve_meta_disable_title":"","footnotes":""},"categories":[323],"tags":[348],"class_list":["post-870","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-haber","tag-amd"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/mostaqbal-watan.org\/wp-json\/wp\/v2\/posts\/870"}],"collection":[{"href":"https:\/\/mostaqbal-watan.org\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mostaqbal-watan.org\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mostaqbal-watan.org\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mostaqbal-watan.org\/wp-json\/wp\/v2\/comments?post=870"}],"version-history":[{"count":3,"href":"https:\/\/mostaqbal-watan.org\/wp-json\/wp\/v2\/posts\/870\/revisions"}],"predecessor-version":[{"id":1388,"href":"https:\/\/mostaqbal-watan.org\/wp-json\/wp\/v2\/posts\/870\/revisions\/1388"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/mostaqbal-watan.org\/wp-json\/wp\/v2\/media\/871"}],"wp:attachment":[{"href":"https:\/\/mostaqbal-watan.org\/wp-json\/wp\/v2\/media?parent=870"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mostaqbal-watan.org\/wp-json\/wp\/v2\/categories?post=870"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mostaqbal-watan.org\/wp-json\/wp\/v2\/tags?post=870"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}