Intel patches remote execution hole that’s been hidden in biz, server chips since 2008

Intel patches remote execution hole that’s been hidden in biz, server chips since 2008

By | May 2nd, 2017
No Comments on Intel patches remote execution hole that’s been hidden in biz, server chips since 2008

Vuln reported in March, now fix is coming... slowly


														
							

For the past nine years, millions of Intel workstation and server chips have harbored a security flaw that can be potentially exploited to remotely control and infect systems with spyware.

Specifically, the bug is in Intel’s Active Management Technology (AMT), Standard Manageability (ISM) and Small Business Technology (SBT) firmware versions 6 to 11.6. According to Chipzilla, the security hole allows “an unprivileged attacker to gain control of the manageability features provided by these products.”

That means it is possible for hackers to log into a vulnerable computer’s hardware – right under the nose of the operating system – and silently tamper with the machine, install virtually undetectable malware, and so on, using AMT’s features. This is potentially possible across the network because AMT has direct access to the computer’s network hard.

“Consumer PCs are not impacted by this vulnerability. We are not aware of any exploitation of this vulnerability. We have implemented and validated a firmware update to address the problem”, said an Intel spokesperson.

Source

Google
Nisheeth Bhakuni