Chipzilla is having a rough time of it, Meltdown and Spectre is causing a PR nightmare, it can?t get trouble-free patches to install and now a new long term bug has been found.
F-Secure has revealed another weakness in Intel's management firmware that could allow an attacker with brief physical access to PCs to gain persistent remote access to the system.
The flaw has been part of Intel chips for at least ten years and is due to weak security in Intel's Active Management Technology (AMT) firmware - remote "out of band" device management technology.
The latest vulnerability - discovered in July of 2017 by F-Secure security consultant Harry Sintonen and revealed by the company today in a blog post - is one of those bugs which is supposed to be a feature.
But it means that notebook and desktop PCs with Intel AMT can be compromised in moments by someone with physical access to the computer - even bypassing
BIOS passwords, Trusted Platform Module personal identification numbers, and BitLocker disk encryption passwords - by rebooting the computer, entering its BIOS boot menu, and selecting the configuration for Intel's Management Engine BIOS Extension (MEBx).
If MEBx hasn't been configured by the user or by their organisation's IT department, the attacker can log into the configuration settings using Intel's default password of "admin".
The attacker can then change the password, enable remote access, and set the firmware to not give the computer's user an "opt-in" message at boot time.
Reply With Quote
Bookmarks