SECURITY PROBLEMS have plagued the Intel Management Engine for years, but the chipmaker is only just confirming the severity of the flaws.
The technology, which is a core part of Intel Active Management Technology (AMT), is present on many of the company’s CPUs and can even remain active when a PC is turned off.
But for years, security specialists have identified a conveyor belt of exploitable security flaws.
On Monday, Intel posted a new security advisory warning manufacturers and users of a string of new vulnerabilities and bugs found in the management engine, along with Server Platform Services and the Trusted Execution Engine.
Intel recently completed a security audit to identify and explore potential vulnerabilities affecting the Management Engine, following warnings from security researchers.
The company is clearly trying to take these vulnerabilities seriously and has since unveiled a detection tool. This is intended to provide Windows and Linux systems administrators with the ability to check their systems for flaws.
Attackers have been capitalising on the fact that the management engine has access to important system processes, and Intel has confirmed that the worst-case scenarios could become a reality.
In particular, cyber criminals can cause instability with complete system crashes by exploiting the management engine. They’ve also found a way to “impersonate” the engine and, in the process, kill existing PC security mechanisms.
Then arbitrary code can be deployed. In most cases, the user will be unaware of what’s happening to their system.
The affect Intel chips, servers, PCs and other connected devices. Intel has the ability to issue updates, but it’s up to hardware manufacturers to implement them – which means that most devices won’t be updated, especially consumer PCs.
Speaking to Wired, a spokesperson for the company said: “Businesses, systems administrators, and system owners using computers or devices that incorporate these Intel products should check with their equipment manufacturers or vendors for updates for their systems.”
In the accompanying advisory, it added: “In response to issues identified by external researchers, Intel has performed an in-depth comprehensive security review of the following with the objective of enhancing firmware resilience:
- Intel Management Engine (Intel ME);
- Intel Trusted Execution Engine (Intel TXE);
- Intel Server Platform Services (SPS).
“Intel has identified security vulnerabilities that could potentially impact certain PCs, servers, and IoT platforms. Systems using Intel ME Firmware versions 11.0.0 through 11.7.0, SPS Firmware version 4.0, and TXE version 3.0 are impacted.
“To determine if the identified vulnerabilities impact your system, download and run the Intel-SA-00086 Detection tool. Contact your system manufacturer to obtain updates for impacted systems.” µ
Source : Inquirer