Tuesday, 22 January 2019
Latest news
Main » Intel Management Engine Flaws Leave Millions of PCs Exposed

Intel Management Engine Flaws Leave Millions of PCs Exposed

24 November 2017

Intel said that along with these, the Management Engine is also vulnerable to buffer overflows and other flaws that can be exploited for privilege escalation, local code execution, and remote code execution. Following the discovery, the company has made a Detection Tool available for both Windows and Linux users to check their device's vulnerability.

The latest salvo was September's promise by Russian researchers Maxim Goryachy and Mark Ermolov of Positive Technologies to host a session at next month's Black Hat Europe event during which they would demo an exploit capable of compromising ME to gain "god mode" control over a PC.

For more information about the Intel ME security bugs, you can read the security advisory using this link.

PC makers Dell and Lenovo have issued their own alerts on their respective websites encouraging users to install patches for the issues when they become available (unfortunately there's no ETA on those patches yet, so hundreds of millions of systems remain at risk right now).

The flaws affect Management Engine (ME), Trusted Execution Engine (TXE), and Server Platform Services (SPS).

ME supports Intel's Active Management Technology (AMT), a powerful tool that allows admins to remotely manage devices used in business and education, even when the device is not booted.

According to Intel, the vulnerabilities were discovered during a comprehensive security audit conducted by an external cybersecurity researching team. It plans to provide BIOS updates for these products that customers can download around mid-December, according to an advisory.

In the worst case scenario, the vulnerabilities can allow hackers to "load and execute arbitrary code outside the visibility of the user and operating system", Intel wrote in the security bulletin. DHS also counselled users to contact the manufacturer directly for software updates and advice on how to mitigate the threat that the chip vulnerability could pose to individual computers and to networks.

After the announcement by Intel, Dell and Lenovo have posted a list of systems that are affected by the vulnerabilities.

Intel Management Engine firmware updates v11.0 through v11.2 had 4 vulnerabilities and 2 more were found in earlier versions of ME while 2 were found in Server Platform Services v4.0 firmware and another 2 in TXE v3.0.

Still, the true impact of current ME vulnerability isn't clear, given the relatively limited amount of information Intel has released.

A new flaw discovered in Intel chips could make millions of devices vulnerable to malicious attacks.

While it will take time to learn about the full impact of these ME bugs, Mathew Garrett, a Google's security expert, talked about possible impact suggesting that the flaws are unlikely to be harmless.

Intel Management Engine Flaws Leave Millions of PCs Exposed