Intel CPUs since Skylake susceptible to USB vulnerability
Positive Technologies, which in September said it has a way to drill into Intel's secretive Management Engine technology hideen in its chipsets, dropped more details. The IME is a separate controller on the Intel Platform Platform Controller Hub (PCH), which has access to communication between the processor and other hardware.
The biz has already promised to demonstrate a so-called God-mode hack this December, saying they've found a way for "an attacker of the machine to run unsigned code in the Platform Controller Hub on any motherboard." Reports the register:
For those who don't know, for various processor chipset lines, Intel's Management Engine sits inside the Platform Controller Hub, and acts as a computer within your computer. It runs its own OS, on its own CPU, and allows sysadmins to remotely control, configure and wipe machines over a network. This is useful when you're managing large numbers of computers, especially when an endpoint's main operating system breaks down and the thing won't even boot properly. Getting into and hijacking the Management Engine means you can take full control of a box, underneath and out of sight of whatever OS, hypervisor or antivirus is installed. This powerful God-mode technology is barely documented and supposedly locked down to prevent miscreants from hijacking and exploiting the engine to silently spy on users or steal corporate data. Positive says it's found a way to commandeer the Management Engine, which is bad news for organizations with the technology deployed.
For some details, we'll have to wait, but what's known now is bad enough: Positive has confirmed that recent revisions of Intel's Management Engine (IME) feature Joint Test Action Group (JTAG) debugging ports that can be reached over USB. JTAG grants you pretty low-level access to code running on a chip, and thus we can now delve into the firmware driving the Management Engine.
With knowledge of the firmware internals, security vulnerabilities can be found and potentially remotely exploited at a later date. Alternatively, an attacker can slip into the USB port and meddle the engine as required right there and then. There have been long-running fears IME is insecure, which is not great as it's built right into the chipset: it's a black box of exploitable bugs, as was confirmed in May when researchers noticed you could administer the Active Management Technology software suite running on the microcontroller with an empty credential string over a network.
High-end Intel CPUs more expensive in EU due to strong dollar - 11/25/2014 09:21 AM
Interesting, as the US Dollar strengthens itself, the prices of some product in the EU start to rise. High-End Intel CPUs for example are seeing a strong increase in pricing. The Core i7-4790K went u...
Acer Aspire R7 Notebook has 4th Generation Intel CPU and Active Stylus Support - 11/21/2013 04:09 PM
Acer America today announced the immediate availability of the new Aspire R7-572, the second generation of Acer's revolutionary notebook that redefined the touch and type computing experience through...
35W Quad-Core Intel Ivy Bridge Intel CPUs for OEMs Detailed - 12/13/2011 12:46 PM
More news on the Intel front today,
AMD benchmarks FX-Series Bulldozer Against Intel CPUs - 09/17/2011 02:54 AM
Over at this weeks IDF AMD was closeby to the Intel event with a mini press event, one of the more interesting demonstrations is a comparison between an unreleased FX-Series processor and some Intel C...
Intel CPU Virtualization confusion undermining Windows 7 XP Mode - 05/08/2009 08:16 AM
The widespread Windows 7 RC release has meant many users attention turned to the OS' recently-announced Windows XP Mode, only to discover what Microsoft had warned from the start: many processors won'...
Senior Member
Posts: 1656
Joined: 2012-04-30
i still see this more of an issue as something like win "spying" on me.
first thing i do is check bios for settings and after windows is installed disable the device in DM.
another reason i'll never run the driver disc from the board/"auto" install shit...
Senior Member
Posts: 11208
Joined: 2003-05-24
if one dont let random usb devices to be attached system it dont mean anything, not so much in corporate environment i guess but knowing what the MEI does is and being out bag at that isnt good cause now those "miscreants" will now be looking for uses of this or find other ways in.
these days people that find this "exploits" dont report to correct people but just make it know to all and make things worse.