Millions of Intel Processors Are Vulnerable to Attack

By

Intel has acknowledged the seriousness of the Active Management Technology (AMT) vulnerability.

Earlier this year, there were multiple reports of vulnerabilities in Intel’s Management Engine (ME) that allows remote management of corporate systems. The vulnerabilities were discovered by a researcher at Embedi, a firm that specializes in securing IoT devices.

Embedi said that the Intel Active Management Technology (AMT) vulnerability was the first of its kind. “The exploitation allows an attacker to get full control over a business computers, even if they are turned off (but still plugged into an outlet),” wrote Embedi in an advisory.

“By nature, the Intel AMT exploitation bypasses authentication. In other words, an attacker may have no credentials and still be able to use the Intel AMT functionality. Access to ports 16992/16993 are the only requirement to perform a successful attack,” wrote Embedi.

Now, after months of analysis, Intel has admitted that these vulnerabilities leave millions of corporate PCs exposed to attacks.

Intel said on its product security page, “In response to issues identified by external researchers, Intel has performed an in-depth comprehensive security review of its Intel Management Engine (ME), Intel Trusted Execution Engine (TXE), and Intel Server Platform Services (SPS) with the objective of enhancing firmware resilience. As a result, Intel has identified several security vulnerabilities that could potentially place impacted platforms at risk. Systems using ME Firmware versions 11.0/11.5/11.6/11.7/11.10/11.20, SPS Firmware version 4.0, and TXE version 3.0 are impacted.”

The affected products include sixth, seventh, and eighth generation Intel Core Processor Family; the Intel Xeon Processor E3-1200 v5 and v6 Product Family; the Intel Xeon Processor Scalable Family; the Intel Xeon Processor W Family; the Intel Atom C3000 Processor Family; the Apollo Lake Intel Atom; the Processor E3900 series; and the Apollo Lake Intel Pentium and Celeron N and J series processors.

Intel has released a Windows 10 tool to analyze a system for vulnerability that can be downloaded and a tool for Linux that can be found online.

Intel is working with PC vendors to push a firmware update. Please update your system now.

11/21/2017
comments powered by Disqus