Smartphone, Gadgets, Android, iOS Hacks, News and Tips

Intel announces vulnerability in firmware

0

Intel has issued a security alert that management firmware on a number of recent PC, server, and IoT processor platforms are vulnerable to remote attack. Mark Ermolov and Maxim Goryachy of Positive Technologies Research detected the worst vulnerabilities. They would allow a hacker to launch commands remotely on a large number of Intel computers. These include both laptops and PCs that have the Core i5 processor built from 2015 onwards.

Information on the Intel Vulnerabilities

The hacker can then gain access to privileged system information. Millions of computers could essentially be taken over as a result of the bug. Most of the vulnerabilities require physical access to the targeted device, but one allows remote attacks with administrative access.

Intel has responded by developing a detection tool it has posted on its support site. This tool supports both Windows and Linux devices. It helps a user find out if his or her device will be affected by this vulnerability. In the security alert, members of Intel’s security team stated that “in response to issues identified by external researchers, Intel has performed an in-depth comprehensive security review of its Intel® Management Engine (ME), Intel® Trusted Execution Engine (TXE), and Intel® Server Platform Services (SPS) with the objective of enhancing firmware resilience.”

The PCs affected are as follows.

  • Intel Core processors from the 6th generation (“Skylake”), 7th generation (“Kaby Lake”), & 8th Generation (“Kaby Lake-R” and “Coffee Lake”) families—the processors in most desktop and laptop computers since 2015;
  • Multiple Xeon processor lines, including the Xeon Processor E3-1200 v5 & v6 Product Family, Xeon Processor Scalable family, and Xeon Processor W family;
  • The Atom C3000 Processor Family and Apollo Lake Atom Processor E3900 series. This is for both networked and embedded devices and Internet of Things platforms, and
  • Apollo Lake Pentium and Celeron™ N and J series Processors for mobile computing.

The detection tool was mainly made for enterprises but can be used by individual users too.

Leave A Reply

Your email address will not be published.