Home > News content

Intel blocked AMT high-risk loopholes in the past ten years to repair

via:博客园     time:2017/5/6 22:30:24     readed:770

Chip giant Intel has finally been marked with a nearly ten years of security vulnerabilities patch, blocked with the chip active management technology (AMT) technology related to a high-risk vulnerability, the vulnerability affected since 2008, Nehalem until 2017 Kaby Lake and many other chips. The latest firmware fix number is as follows, hope that the affected chip model users as soon as possible to upgrade the latest BIOS firmware, blocking loopholes.

intelmeiversions.pngintelmeiversions.png

In a recent release of a security bulletin, Intel has given a "serious Severity" assessment of this compromise vulnerability. The vulnerability exists in Active Management (AMT), Standard Management (ISM), and Intel Small Business Technology (SBT), involving version 6.x, 7.x, 8.x, 9.x, 10.x, 11.5 and 11.6 firmware.

With this vulnerability, the attacker can "get the control of the management functions provided in the above products".

In addition, Intel also gives two examples:

  1. An unprivileged network attacker can gain system privileges with Intel's management functions, which affect the following SKU & mdash; AMT, ISM, SBT (CVSSv3 9.8 Critical / AV: N / AC: L / PR: N / UI: N / S: U / C: H / I: H / A: H).
  2. An unprivileged local attacker can gain access to the network or local system again, which affects the following SKU & mdash; AMT, ISM, SBT ((CVSSv3 8.4 High / AV: L / AC: L / PR: N / UI: N / S: U / C: H / I: H / A: H)).

SemiAccurate said it urges Intel to fix the problem for several years, but the company has been almost indifferent in the past nine years.

Intel chip has a microprocessor and operating system independent of the microprocessor, called the Intel management engine Intel Management Engine, referred to as ME. A variety of technologies are based on ME, including code processing, media DRM, Trusted Platform Module TPM and so on.

ME is a separate system that is different from the CPU, it can be under the control of the CPU without using AMT (Intel Active Management Technology) and other technologies used to remotely manage the enterprise computer.

It relies on Intel's Active Management Technology (AMT) to achieve, when the function is turned on, even in the case of shutdown can also be computer remote management, you can view the status, installation, update software or systems, browse disk files. Such a powerful and convenient management technology also left a huge security threat.

China IT News APP

Download China IT News APP

Please rate this news

The average score will be displayed after you score.

Post comment

Do not see clearly? Click for a new code.

User comments