- The Role Of AI In Cybersecurity – Boon Or Bane?
- Less Than Half Of Cybersecurity Professionals Have A Plan In Place To Deal With IoT Attacks: Study
- Cyberattacks Go Up For Small Businesses Over The Past Year: Study
- Phishing And Credential Stuffing Attacks Remain Top Threat To Financial Services Organizations And Customers: Study
- IT-Based Attacks Increasingly Impacting OT Systems: Study
Intel patches remote execution hole that’s been hidden in biz, server chips since 2008
By Nisheeth Bhakuni | May 2nd, 2017
Vuln reported in March, now fix is coming... slowly
For the past nine years, millions of Intel workstation and server chips have harbored a security flaw that can be potentially exploited to remotely control and infect systems with spyware.
Specifically, the bug is in Intel’s Active Management Technology (AMT), Standard Manageability (ISM) and Small Business Technology (SBT) firmware versions 6 to 11.6. According to Chipzilla, the security hole allows “an unprivileged attacker to gain control of the manageability features provided by these products.”
That means it is possible for hackers to log into a vulnerable computer’s hardware – right under the nose of the operating system – and silently tamper with the machine, install virtually undetectable malware, and so on, using AMT’s features. This is potentially possible across the network because AMT has direct access to the computer’s network hard.
“Consumer PCs are not impacted by this vulnerability. We are not aware of any exploitation of this vulnerability. We have implemented and validated a firmware update to address the problem”, said an Intel spokesperson.
Nisheeth Bhakuni
