Millions of devices could be at risk from Intel Management Engine vulnerabilities

midian182

Posts: 9,632   +120
Staff member

Intel has issued a security advisory over security flaws on its PC, server, and Internet-of-Things processors that make the platforms vulnerable to remote attacks. Mark Ermolov and Maxim Goryachy of Positive Technologies Research identified the issues, and will reveal full details of the Intel Management Engine flaws in a talk at the Black Hat Europe security conference on December 6.

Intel writes that an attacker could use the vulnerabilities to “gain unauthorized access to the platform, [the] Intel ME feature, and third-party secrets protected by the Intel Management Engine, Intel Server Platform Service (SPS), or Intel Trusted Execution Engine (TXE).” From there, a hacker could load and execute arbitrary code outside the visibility of the user and operating system, impersonate the ME/SPS/TXE, and cause the system to crash or become unstable.

Intel has published a list of the processors affected by the vulnerabilities.

  • 6th, 7th and 8th Generation Intel Core processors
  • Intel Xeon E3-1200 v5 and v6 processors
  • Intel Xeon Scalable processors
  • Intel Xeon W processors
  • Intel Atom C3000 processors
  • Apollo Lake Intel Atom E3900 series
  • Apollo Lake Intel Pentiums
  • Celeron N and J series processors

"Intel Management Engine is a proprietary technology that consists of a microcontroller integrated into the Platform Controller Hub (PCH) microchip with a set of built-in peripherals," the Black Hat talk abstract stated. "The PCH carries almost all communication between the processor and external devices; therefore, Intel ME has access to almost all data on the computer, and the ability to execute third-party code allows compromising the platform completely."

Both Dell and Lenovo have posted long lists of affected systems. Intel has also provided a detection tool on its support website to identify vulnerable Windows and Linux systems, though it’s aimed at enterprise use.

The good news is that there are no reports of the vulnerabilities being exploited, but that could soon change. Motherboard and system makers have started integrating patches into their upcoming BIOS updates.

"We worked with equipment manufacturers on firmware and software updates addressing these vulnerabilities, and these updates are available now," Intel said in a statement. "Businesses, systems administrators, and system owners using computers or devices that incorporate these Intel products should check with their equipment manufacturers or vendors for updates for their systems, and apply any applicable updates as soon as possible."

Permalink to story.

 
I wondered if this was the same vulnerability mentioned already recently, but the Intel document was released Nov 20th, updated Nov 21st. Just to be safe, I downloaded and ran the GUI tool and it said I am not vulnerable. The last time vulnerabilities in the Intel Management Engine were mentioned I downloaded the most recent IME from Asus along with a IME patch. That seems to have been enough.
The tool to check is nice though, in an instant it lets you know your status
 
>> Mark Ermolov and Maxim Goryachy of Positive Technologies Research identified the issues

Proper title should be:
Millions of devices hacked by Russians
jk;)
 
I am waiting for the day that these companies are forced to "recall" defective chips the same as we do automobiles and other defective appliances. The damage they can cause is far more extensive and should be treated the same. It has become evident that NO industry can regulate themselves because they put their energies into trying to cover up the issues rather than fixing them and making good on the harm that is caused by incomplete programming, testing, and a 1st rate quality control system.
 
The damage they can cause is far more extensive and should be treated the same
Well the next time a computer killed someone because the proc is defective sure do. A patch can fix it so why recall.

Banking systems failing can cause a heart attack to more than one, when you realize Intel wants their chips in autonomous driving cars you start to wonder about their processors killing someone.
 
Lucky me; "MEInfoWin.exe authentication has failed". Console program fails similarly.

Dell N5040 with Intel(R) Core(TM) i3 CPU M380 @ 2.53ghz
 
I am waiting for the day that these companies are forced to "recall" defective chips the same as we do automobiles and other defective appliances. The damage they can cause is far more extensive and should be treated the same. It has become evident that NO industry can regulate themselves because they put their energies into trying to cover up the issues rather than fixing them and making good on the harm that is caused by incomplete programming, testing, and a 1st rate quality control system.

Last I checked, nobody died from an exploit.
 
I am waiting for the day that these companies are forced to "recall" defective chips the same as we do automobiles and other defective appliances. The damage they can cause is far more extensive and should be treated the same. It has become evident that NO industry can regulate themselves because they put their energies into trying to cover up the issues rather than fixing them and making good on the harm that is caused by incomplete programming, testing, and a 1st rate quality control system.

Last I checked, nobody died from an exploit.

How does update fix this if this is problem with processors? That why he said recall.

This not exploit in OS but problem is the processors
 
I am waiting for the day that these companies are forced to "recall" defective chips the same as we do automobiles and other defective appliances. The damage they can cause is far more extensive and should be treated the same. It has become evident that NO industry can regulate themselves because they put their energies into trying to cover up the issues rather than fixing them and making good on the harm that is caused by incomplete programming, testing, and a 1st rate quality control system.

Last I checked, nobody died from an exploit.

How does update fix this if this is problem with processors? That why he said recall.

This not exploit in OS but problem is the processors
They can issue microcode updates. Usually done via bios updates.
 
Back