Intel has patched a remote execution flaw in millions of its workstation and server chips that remained under the radar for nine years.
“There is an escalation of privilege vulnerability in Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), and Intel Small Business Technology versions firmware versions 6.x, 7.x, 8.x 9.x, 10.x, 11.0, 11.5, and 11.6 that can allow an unprivileged attacker to gain control of the manageability features provided by these products. This vulnerability does not exist on Intel-based consumer PCs,” explained Intel’s security advisory.
The vulnerability, which has been present since 2008, could allow hackers to gain system privileges in vulnerable computer hardware rather than need to go through the operating system, thus avoiding detection.
As Intel’s AMT allows access to a machine’s network hardware, an attacker could exploit the security hole and spread attacks to other systems on a network.
To squash the bug, a firmware update is needed to close the backdoor that looks to be present in millions of Intel chips and therefore millions of computers across the world.
Intel has a patch to fix the vulnerability, but people and businesses with affected machines will likely need to rely on the vendor of their computers and servers to push out the firmware update.
However, the chip maker has advised quick fixes in the from of rather complicated tweaks and disabling or removing the Local Manageability Service on affected systems.
In short, the vulnerability is a serious one and will require computer vendors to work on getting Intel’s firmware fix to customers using affected machines, though users of machines with consumer grade Intel chips appear to be unaffected by the flaw.
In a minor twist if irony, the flaw comes at a time when Intel is spinning out is security division into the reinvigorated McAfee brand.
As life time in chips: what do you know about Intel?
Billionaire battle. Meta's boss Mark Zuckerberg overtakes Jeff Bezos to become the world’s second richest…
Internet domains used by “Russian intelligence agents and their proxies” for cyberattacks, seized by the…
UK's tech billionaire Dr Mike Lynch died from drowning on his superyacht, but his daughter's…
Another recall for thousands of Tesla Cybertrucks over delay with rear camera, with could hamper…
Browser firms write to European Commission alleging Microsoft's Edge web browser enjoys an unfair advantage
Data centre and AI spending spree continues over at Microsoft, with Italy earmarked for €4.3…