Intel Security Flaw Affects Pentium, Atom, Celeron Chips

Researchers have uncovered security vulnerabilities in a series of low-powered processors from chip giant Intel.

The flaw was found by researchers Mark Ermolov and Dmitry Sklyarov (of Positive Technologies) and Maxim Goryachy (independent), Ars Technica reported.

Positive Technologies, it should be remembered, found a flaw in Intel processors in March 2020, namely in the Converged Security Management Engine, that could have allowed attackers to remotely extract root cryptographic keys. It said at the time that the issue affected all Intel chips manufactured in the past five years.

Chip flaw

This new vulnerability, however, affects Pentium, Atom and Celeron chips with the Apollo Lake and Gemini Lake architectures.

These low-powered chips are often found in laptops, tablets and even cars, but the good news is that the attacker would require physical access to the chip, and there is already a patch available.

However, the vulnerability means it is fairly easy (it reportedly takes only 10 minutes) for skilled hackers with local access to a device to steal security keys.

Basically the hacker can obtain the “fuse encryption key” unique to each CPU.

Therefore the advice is to install the Intel update, which is available as a BIOS update for motherboards, or from device manufacturers, as soon as possible.

The vulnerability allows skilled hackers with possession of an affected chip to run it in debug and testing modes used by firmware developers.

Intel and other chipmakers, of course, usually go to great lengths to prevent such access by unauthorised personnel, Ars Technica reported.

Once in developer mode, the hacker can extract the key used to encrypt data stored in the TPM enclave and, in the event TPM is being used to store a BitLocker key, defeat that latter protection as well.

A hacker could also reportedly bypass code-signing restrictions that prevent unauthorised firmware from running in the Intel Management Engine, a subsystem inside vulnerable CPUs, and from there permanently backdoor the chip.

Each Intel processor has a unique key used to generate follow-on keys for things like Intel’s TPM, Enhanced Privacy ID, and other protections that rely on the features built into Intel silicon.

But the hacker can clone the master key.

“We found out that you can extract this key from security fuses,” Maxim Goryachy, one of the researchers who discovered the vulnerability, told Ars Technica. “Basically, this key is encrypted, but we also found the way to decrypt it, and it allows us to execute arbitrary code inside the management engine, extract bitlocker/tpm keys, etc.”

Patch now

The good news, as previously mentioned, is that the hacker requires physical access and Intel has already released an update.

In its advisory on the matter, Intel rated the vulnerability severity as high.

“A potential security vulnerability in some Intel Processors may allow escalation of privilege,” it stated. “Intel is releasing firmware updates to mitigate this potential vulnerability.”

“Intel recommends that users of affected Intel Processors update to the latest version provided by the system manufacturer that addresses these issues,” it added.

The final piece of good news is that there is no evidence (as yet) of the flaw being actively exploited in the wild.

Past flaws

Computer chips have been subjected to a number of security scares over the years.

In 2015, for example, researchers found that older Intel processors contain a security vulnerability that could allow attackers to gain control of system hardware and implant rootkits into the processor’s firmware.

But perhaps the most famous scare came in 2018, namely the Meltdown and Spectre flaws that rocked the world at the time.

Matters were not helped when Intel manufacturer partners distributed botched versions of patches.

The Spectre and Meltdown bugs affected virtually every processor made by Intel, AMD and ARM during the past 20 years.

Essentially, the vulnerabilities affected the kernel of the chips and allowed an attacker to read information that should otherwise be inaccessible. This meant an attacker could obtain passwords, encryption keys or steal information from other applications.

A year later, in March 2019, researchers at Worcester Polytechnic Institute and the University of Lübeck found that the Spoiler flaw could allow an attacker to exploit how a PC’s memory works.

Tom Jowitt

Tom Jowitt is a leading British tech freelancer and long standing contributor to Silicon UK. He is also a bit of a Lord of the Rings nut...
