https://www.techpowerup.com/239677/i...bling-rollback
It's been an interesting month for users as we've discovered that the most widely-used OS in the world could be one most of us had never even heard anything about before. Intel's Management Engine, a full-fledged computer inside Intel CPUs, runs on MINIX, and after it was outed that Intel's CPUs ran on it, multiple issues have been found with the approach, which has moved Intel towards outing a detection tool.
Intel is seemingly poising to move towards a full hardware lock of the Management Engines' capabilities, thus ensuring it can't be disabled. And even if Intel does send out firmware fixes for its already deployed CPUs with ME integration, the fact remains that the memory pool where the firmware is written is, well, re-writable - given enough access, miscreants could simply re-flash the ME to an earlier, vulnerable version, and thus acquire God Mode access to a victim's computer. To tackle both issues, Intel is moving towards a hardware lock of their ME.
Bookmarks