Millions of devices could be at risk from Intel Management Engine vulnerabilities

Angelica Greene
November 24, 2017

Sharing no direct memory links, the Minix-based IME is capable of running any code without the host operating system's interference - hence its use to drive Intel's Active Management Technology (AMT), a remote maintenance platform targeting enterprise users managing scores of client systems.

After the announcement by Intel, Dell and Lenovo have posted a list of systems that are affected by the vulnerabilities.

Intel Corporation (NASDAQ:INTC) said this week that just about all of its major computer processors produced over the past few years are affected by a massive security bug that could allow unauthorized access to sensitive system information.

Intel has issued a security alert that management firmware on a number of recent PC, server, and Internet-of-Things processor platforms are vulnerable to remote attack.

The flaws are potentially very risky if an attacker successfully exploited them because they would allow the attacker to run malware that's invisible to the operating system.

The highest-level vulnerabilities, rated at 8.2 and 7.5 on the Common Vulnerability Security Scale (CVSSv3) respectively, are in the most recent versions of Intel Management Engine. Once exploited, the bugs could enable attacks to infiltrate and hijack millions of IoT devices, including PCs.

Intel says the company has provided software patches to fix the issue to all major computer manufacturers. Dell's support website offered patches for servers but not laptop or desktop computers at the time of publication

The chip company carried out an audit after researchers from security firm Positive Technologies discovered several bugs in Intel's closed source ME. It plans to roll out updates through December and January, but lists many models as affected with updates to be determined.

"Businesses, systems administrators, and system owners using computers or devices that incorporate these Intel products should check with their equipment manufacturers or vendors for updates for their systems, and apply any applicable updates as soon as possible", the company told Wired in a statement. Two were found in earlier versions of ME, as well as two in Server Platform Services version 4.0 firmware and two in TXE version 3.0. This is the crucial danger of the ME.

"As a result, Intel has identified several security vulnerabilities that could potentially place impacted platforms at risk", it added. "Intel seems anxious enough to publish detection tools and do a well-orchestrated release".

Intel said that it has not identified a single instance where this flaw has been exploited to conduct a cyber attack. They have the broadest impact on PC users: they allow arbitrary remote code execution and privileged information access. But he quickly added that, "on reflection I don't see many outcomes where this is fairly harmless".

And now the US government has waded into the issue, after the US Department of Homeland Security issued guidance on the matter, Reuters has reported.

Jauan Jennings Dismissed by Tennessee After NSFW Rant on Instagram About Staff
The decision came from interim coach Brady Hoke and athletic director John Currie, according to 104-5 The Zone. Jennings leaves Tennessee with career numbers of 57 catches for 746 yards and 7 touchdowns in 26 games.

Brexit dashes Dundee European Capital of Culture bid
Tom Watson, deputy leader of the Labour Party, said some cities have already spent "up to £500,000 on their bid submissions". Councils contacted by Mail Online said they are speaking to the Government to try to get clarity on the shock decision.

Hafiz Saeed 'designated global terrorist', U.S. reminds Pakistan
The US State Department also said that it was displeased by the Pakistani court's verdict to release Saeed from house arrest. India has accused Hafiz Saeed of masterminding the Mumbai attack in November 2008 and the 2001 Parliament attack in Delhi.

Other reports by GizPress

Discuss This Article