Guru3D.com
  • HOME
  • NEWS
    • Channels
    • Archive
  • DOWNLOADS
    • New Downloads
    • Categories
    • Archive
  • GAME REVIEWS
  • ARTICLES
    • Rig of the Month
    • Join ROTM
    • PC Buyers Guide
    • Guru3D VGA Charts
    • Editorials
    • Dated content
  • HARDWARE REVIEWS
    • Videocards
    • Processors
    • Audio
    • Motherboards
    • Memory and Flash
    • SSD Storage
    • Chassis
    • Media Players
    • Power Supply
    • Laptop and Mobile
    • Smartphone
    • Networking
    • Keyboard Mouse
    • Cooling
    • Search articles
    • Knowledgebase
    • More Categories
  • FORUMS
  • NEWSLETTER
  • CONTACT

New Reviews
Corsair H170i Elite Capellix XT review
Forspoken: PC performance graphics benchmarks
ASRock Z790 Taichi review
The Callisto Protocol: PC graphics benchmarks
G.Skill TridentZ 5 RGB 6800 MHz CL34 DDR5 review
Be Quiet! Dark Power 13 - 1000W PSU Review
Palit GeForce RTX 4080 GamingPRO OC review
Core i9 13900K DDR5 7200 MHz (+memory scaling) review
Seasonic Prime Titanium TX-1300 (1300W PSU) review
F1 2022: PC graphics performance benchmark review

New Downloads
FurMark Download v1.33.0.0
Intel ARC graphics Driver Download Version: 31.0.101.4091
Corsair Utility Engine Download (iCUE) Download v4.33.138
CPU-Z download v2.04
AMD Radeon Software Adrenalin 23.1.2 (RX 7900) download
GeForce 528.24 WHQL driver download
Display Driver Uninstaller Download version 18.0.6.0
Download Intel network driver package 27.8
ReShade download v5.6.0
Media Player Classic - Home Cinema v2.0.0 Download


New Forum Topics
AMD Confirms Strategy of Restraining Chip Supply to Maintain High CPU and GPU Prices DirectStorage testing reveals that PCIe 3 SSDs are as fast as PCIe 5 SSDs, PCIe 4 SSDs almost similar Rumor: Further GeForce RTX 4090 Ti specs emerge Forspoken Benchmark Test & Performance Analysis Review AMD 7000 Hybrid graphics mode activation problem Cyberpunk 2077 NVIDIA DLSS 3 Update Is Out Now Confused about dithering Netflix threatens to ban customers who share an account unauthorized AMD Software: Adrenalin Edition 22.11.2 - Driver download and discussion Review: Corsair H170i Elite Capellix XT




Guru3D.com » News » New Security Flaw Hits Intel, Laptops this time

New Security Flaw Hits Intel, Laptops this time

by Hilbert Hagedoorn on: 01/12/2018 07:01 PM | source: | 35 comment(s)
New Security Flaw Hits Intel, Laptops this time

F-Secure has reported another serious flaw in Intel hardware, which could enable hackers to access corporate laptops. Standard password of Intels Management Engine BIOS Extension are rarely changed and can invoke business laptops vulnerable to unauthorized remote access, claims F-Secure. 

Intels Management Engine BIOS Extension, or MEBx, contains the standard log-in combination 'admin', 'admin' and because many users simply do not change it, according to F-Secure this opens the door to an easy to set-up attack. Attackers can open the BIOS Extension during startup with Ctrl + P, even if the user has set a bios password. Then they can manage settings of the Management Engine, reports dw.com.

"The issue potentially affects millions of laptops globally," said F-Secure consultant Harry Sintonen, who discovered the flaw. "It's of an almost shocking simplicity, but its destructive potential is unbelievable."

F-Secure said once an attacker had the chance to reconfigure AMT (for which he would initially need physical access to the device in question), the device could be fully controlled remotely by connecting to the same wireless or wired network as the user.

"No other security measures like full-disk encryption, local firewall, anti-malware software or VPN technology are able to prevent exploitation of this issue," Sintonen warned.

A successful attack would lead to complete loss of confidentiality, integrity and availability, with the attacker able to read and modify all of the data and applications users have access to on their computers, even at the firmware level.








« ASRock introduces Quad M2 PCIe SSD add-in card (with active cooling) · New Security Flaw Hits Intel, Laptops this time · Cherry Releases New MX Low Profile RGB: High-Precision Switch »

7 pages 1 2 3 4 > »


RavenMaster
Senior Member



Posts: 1338
Joined: 2009-08-19

#5510164 Posted on: 01/12/2018 06:57 PM
So these recent vulnerabilities have been around for the past 10 years. Surely they can't have just been discovered only now. Which begs the question - is this all just a ploy to get people to upgrade to Intel 9th gen processors later this year? Processors which will no doubt be assured by Intel to be much safer and immune to these vulnerabilities? Just think - all those old pentiums and celerons that have been inside business computers (still working just fine) yet now needing to be swapped out and upgraded to ensure full safety on a hardware level. Such a plan could backfire and switch people over to AMD. But then AMD isn't without its vulnerabilities now either... is it? Seems a very convenient way to get people to upgrade if you think about it. And over the last 10 years, how many times has your PC been hacked at hardware level?

kruno
Senior Member



Posts: 260
Joined: 2017-09-25

#5510165 Posted on: 01/12/2018 06:58 PM
Cr*p, did they even patched last hole in AMT

kruno
Senior Member



Posts: 260
Joined: 2017-09-25

#5510166 Posted on: 01/12/2018 06:59 PM
So these recent vulnerabilities have been around for the past 10 years. Surely they can't have just been discovered only now. Which begs the question - is this all just a ploy to get people to upgrade to Intel 9th gen processors later this year? Processors which will no doubt be assured by Intel to be much safer and immune to these vulnerabilities? Just think - all those old pentiums and celerons that have been inside business computers (still working just fine) yet now needing to be swapped out and upgraded to ensure full safety on a hardware level. Such a plan could backfire and switch people over to AMD. But then AMD isn't without its vulnerabilities now either... is it? Seems a very convenient way to get people to upgrade if you think about it. And over the last 10 years, who has hacked your machine at hardware level?

Hardly,lawsuits in USA has already begun, in any way this "blunders" is going to cost them dearly

Amaze
Senior Member



Posts: 3987
Joined: 2003-11-15

#5510167 Posted on: 01/12/2018 07:00 PM
This isn't a ploy
So these recent vulnerabilities have been around for the past 10 years. Surely they can't have just been discovered only now. Which begs the question - is this all just a ploy to get people to upgrade to Intel 9th gen processors later this year? Processors which will no doubt be assured by Intel to be much safer and immune to these vulnerabilities? Just think - all those old pentiums and celerons that have been inside business computers (still working just fine) yet now needing to be swapped out and upgraded to ensure full safety on a hardware level. Such a plan could backfire and switch people over to AMD. But then AMD isn't without its vulnerabilities now either... is it? Seems a very convenient way to get people to upgrade if you think about it. And over the last 10 years, who has hacked your machine at hardware level?


Ploys usually don't involve ruining your reputation for years to come.

Denial
Senior Member



Posts: 14010
Joined: 2004-05-16

#5510168 Posted on: 01/12/2018 07:06 PM
This isn't a flaw in Intel hardware also I'm not sure why you posted this article and not the original F-Secure press release. This article states that it requires physical access, which is true - but it also requires the company to not disable AMT and/or change the default username/password for AMT - which is a configuration problem, not a hardware flaw.

The F-Secure article specifically states this:

Is this a vulnerability?

Technically this is not a vulnerability, but a combination of a default password, insecure default configuration, and unexpected behaviour.

This issue has no CVE number, security update or new version available, yet it affects major vendors and large numbers of laptops. AMT has gained popularity over the past few years, and only the latest security guides from Intel highlight the importance of requiring a BIOS password for local provisioning. We have encountered this issue time and time again, and it is locally exploitable in practical situations even when laptops have otherwise been completely hardened. In other words, while Intel has written extensive guides on AMT, they have not had the desired impact on the real world security of corporate laptops. With this announcement our goal is to raise awareness so organizations can have the opportunity to mitigate the issue and improve security in the real world.


Intel can fix this by simply updating the default configuration - but companies could also be avoiding this by following best practices for AMT provisioning.


So these recent vulnerabilities have been around for the past 10 years. Surely they can't have just been discovered only now. Which begs the question - is this all just a ploy to get people to upgrade to Intel 9th gen processors later this year? Processors which will no doubt be assured by Intel to be much safer and immune to these vulnerabilities? Just think - all those old pentiums and celerons that have been inside business computers (still working just fine) yet now needing to be swapped out and upgraded to ensure full safety on a hardware level. Such a plan could backfire and switch people over to AMD. But then AMD isn't without its vulnerabilities now either... is it? Seems a very convenient way to get people to upgrade if you think about it. And over the last 10 years, who has hacked your machine at hardware level?


Why can't they just have been discovered just now? Problems with speculative execution have been known for a while:

https://hackaday.com/2018/01/08/speculative-execution-was-a-troublemaker-for-xbox-360/

But the security aspects of those flaws haven't. Like I keep reading people saying "Intel knew about the backdoor but wanted the performance" or whatever - but what about ARM/Apple/IBM/Microsoft/Linux Kernel devs that are also shipping meltdown affected parts and/or knew about speculative execution issues? Or the various security companies that audit this hardware rather frequently?

It was clearly overlooked.

7 pages 1 2 3 4 > »


Post New Comment
Click here to post a comment for this news story on the message forum.


Guru3D.com © 2023