Millions of devices could be at risk from Intel Management Engine vulnerabilities

Angelica Greene
November 24, 2017

Sharing no direct memory links, the Minix-based IME is capable of running any code without the host operating system's interference - hence its use to drive Intel's Active Management Technology (AMT), a remote maintenance platform targeting enterprise users managing scores of client systems.

Following Intel's announcement, Dell and Lenovo have posted lists of systems that are affected by the vulnerabilities.

Intel Corporation (NASDAQ:INTC) said this week that just about all of its major computer processors produced over the past few years are affected by a massive security bug that could allow unauthorized access to sensitive system information.

Intel has issued a security alert that management firmware on a number of recent PC, server, and Internet-of-Things processor platforms is vulnerable to remote attack.

The flaws are potentially very dangerous because successful exploitation would allow an attacker to run malware that is invisible to the operating system.

The highest-level vulnerabilities, rated at 8.2 and 7.5 on the Common Vulnerability Scoring System (CVSSv3) respectively, are in the most recent versions of Intel Management Engine. Once exploited, the bugs could enable attackers to infiltrate and hijack millions of IoT devices, including PCs.

Intel says the company has provided software patches to fix the issue to all major computer manufacturers. Dell's support website offered patches for servers but not laptop or desktop computers at the time of publication.

The chip company carried out an audit after researchers from security firm Positive Technologies discovered several bugs in Intel's closed source ME. It plans to roll out updates through December and January, but lists many models as affected with updates to be determined.

"Businesses, systems administrators, and system owners using computers or devices that incorporate these Intel products should check with their equipment manufacturers or vendors for updates for their systems, and apply any applicable updates as soon as possible", the company told Wired in a statement. Two were found in earlier versions of ME, as well as two in Server Platform Services version 4.0 firmware and two in TXE version 3.0. This is the crucial danger of the ME.

"As a result, Intel has identified several security vulnerabilities that could potentially place impacted platforms at risk", it added. "Intel seems anxious enough to publish detection tools and do a well-orchestrated release".

Intel said that it has not identified a single instance where this flaw has been exploited to conduct a cyber attack. They have the broadest impact on PC users: they allow arbitrary remote code execution and privileged information access. But he quickly added that, "on reflection I don't see many outcomes where this is fairly harmless".

And now the US government has waded into the issue, after the US Department of Homeland Security issued guidance on the matter, Reuters has reported.
