Critical vulnerabilities have been discovered in Intel processors!

IT | Nov 24, 2017 | Master3395

Security researchers have discovered several security issues in the Intel remote administration feature (Management Engine), which could enable remote attackers to install rootkits on affected PCs, retrieve data processed inside CPUs, cause computer crashes and obtain full control over the targeted machine.

The Intel Management Engine (ME) is a subsystem that appears in many of Intel’s line of computer processors. It performs tasks during boot-up, while the machine is running, and while the computer is sleeping. An attacker that exploits a vulnerability and gains control over the Intel ME has untethered control over the entire computer.

Intel has released a security advisory on Monday acknowledging that the Management Engine (ME), remote server management tool Server Platform Services (SPS), and hardware authentication tool Trusted Execution Engine (TXE) are vulnerable to multiple critical security vulnerabilities that put millions of users at risk.

According to Intel:
Based on the items identified through the comprehensive security review, an attacker could gain unauthorized access to platform, Intel® ME feature, and 3rd party secrets protected by the Intel® Management Engine (ME), Intel® Server Platform Service (SPS), or Intel® Trusted Execution Engine (TXE).

The following Intel firmware  versions are affected:
ME firmware versions 11.0/11.5/11.6/11.7/11.10/11.20
SPS Firmware version 4.0
TXE version 3.0

The chipmaker has published a tool for users that checks and reports if users’ machines are vulnerable.

Keywords: intel, vulnerability

Sources: latesthackingnews

Author: Master3395

Comments:

comments powered by Disqus

Sponsored Ads:

Sponsored Ads: