To Customer Support To Customer Support

Intel finds critical holes in secret Management Engine hidden in tons of desktop, server chipsets

  • 21 November 2017
  • 3 replies
  • 335 views
Jasper_The_Rasper
Rank
Userlevel 7
Badge +54

Bugs can be exploited to extract info, potentially insert rootkits

By Thomas Claburn in San Francisco 20 Nov 2017 

 Intel today admitted its Management Engine (ME), Server Platform Services (SPS), and Trusted Execution Engine (TXE) are vulnerable to multiple worrying security flaws, based on the findings of external security experts.
 
The firmware-level bugs allow logged-in administrators, and malicious or hijacked high-privilege processes, to run code beneath the operating system to spy on or meddle with the computer completely out of sight of other users and admins. The holes can also be exploited by network administrators, or people masquerading as admins, to remotely infect machines with spyware and invisible rootkits, potentially.
 
Full Article.

3 replies

Jasper_The_Rasper
Rank
Userlevel 7
Badge +54
21st November 2017  By Catalin Cimpanu
 


 
Intel published a security advisory last night detailing eight vulnerabilities that impact core CPU technologies such as the Intel Management Engine (ME), Intel Server Platform Services (SPS), and Intel Trusted Execution Engine (TXE).
 
The vulnerabilities are severe enough to allow attackers to install rootkits on vulnerable PCs, retrieve data processed inside CPUs, and cause PC crashes —which should be the least of someone's worries.
One of the affected products is the Intel Management Engine, a technology that is often described as a secret CPU inside the main Intel CPU. The ME component runs independently from the user's main OS, with separate processes, threads, memory manager, hardware bus driver, file system, and many other components. An attacker that exploits a flaw and gains control over the Intel ME has untethered control over the entire computer.
 
The CPU maker has released firmware updates to address these flaws. The updates are not available to the general public, as chipset and motherboard vendors will have to integrate the updates into their own updates. Lenovo has already issued patches for some products that are using vulnerable Intel ME, SPS, or TXE technologies.
 
Full Article.
R
Rank
Userlevel 7
Ouch!!!! Good to hear Intel is on top of this issue.....Hats off to them.
Jasper_The_Rasper
Rank
Userlevel 7
Badge +54
Last Reviewed: 22-Nov-2017Article ID: 000025619 
Intel® Management Engine (Intel® ME 11.0.0-11.7.0), Intel® Trusted Execution Engine (Intel® TXE 3.0), and Intel® Server Platform Services (Intel® SPS 4.0) vulnerability (Intel-SA-00086)
In response to issues identified by external researchers, Intel has performed an in-depth comprehensive security review of the following with the objective of enhancing firmware resilience:
 
Full Article.

Reply


Terms & Conditions

© 2004 - Webroot Inc.

We have recently updated our Privacy Policies. We encourage you to read the full terms here.