A group of external researchers identified some of the most serious potential vulnerabilities that affect the management engine (ME) and proactive management technology (AMT), which allow users to remotely manage computers before Intel decides to conduct a comprehensive evaluation of its products.
According to the researchers' analysis, the management engine, Trusted Execution Engine (TXE) andserverMultiple vulnerabilities exist on the Platform Services (SPS). These security vulnerabilities can be exploited by the emulation management engine, trusted execution engine, and server platform services, which in turn affect the effectiveness of local security authentication while not being monitored by the user and the operating system when executing arbitrary code, causing the system to crash or not stable.
Lei Feng network learned that, at this stage, the impact seems not too much, because the attack usually need to have a potential vulnerability local access to equipment. However, in some cases, hackers can also remotely attack across the network, Researchers warn that once a repeatable attack strategy has been developed, hacking can become much easier.
Intel Corporation has provided firmware patches for its affected processor equipment manufacturers, including Core, Xeon, Atom, Pentium, and Celeron CPU chips that support millions of operating systems.
However, it may take a long time if all users get the necessary patches. Intel's own current plan is to release BIOS updates for infected NUCs, Compute Stick, and Compute Card mini P C and development kits in December, and more than 30 models are currently affected by these vulnerabilities.
Acer has released a detailed list of about 240 affected laptops and desktop PCs, including Packard Bell, Gateway, Aspire, Veriton, TravelMate, Predator and Extensa. But at this stage, the company has not yet decided exactly when to update the firmware.
Dell has launched consulting services for laptops, PCs and PowerEdge servers, and PowerEdge servers can also provide proprietary services. There are more than 180 laptop and desktop PC related security vulnerabilities, including Alienware, Inspiron, Latitude, OptiPlex, Precision, Vostro and XPS and other models.
Dell said it expects to release a firmware update to affected products in January of next year, but the exact date has not been set because of the large number of systems involved. In the meantime, the company also advises users "to make sure that the system is physically safe, if possible, and that good safety measures are followed to ensure that only authorized personnel are using the device."
Fujitsu also posted recommendations to its customers telling them that more than 30 motherboards, 43 Esprimo desktop PCs, 11 Celsius workstations, 10 Primergy servers, and 67 LifeBooks, Stylistic and Celsius notebooks and tablets were affected. In addition, their investigation is still ongoing, so in the future may also announce other affected new product models.
At present, Fujitsu has provided updates to some of its products, but the exact time of most product updates has not yet been confirmed.
HPE has provided advice to affected ProLiant and Synergy server users asking them to install the firmware update promptly. At the same time, the company also pointed out that hacking requires physical access to the physical motherboard, so you can choose to use the lid lock to monitor malicious behavior. Not only that, but the Sillicon Root of Trust feature of HPE can also block malicious attacks directly, ensuring that some unauthorized firmware is running on the machine.
Lenovo has also released patches for several of its products and is expected to offer more updates to users this week.
Panasonic released a notice informing its customers that their laptops and tablets were affected by Intel chip loopholes and that some of the affected devices are expected to undergo a firmware update in January next year.
It is reported that Intel Corporation has now released a tool that can be used to detect whether the system is affected by the loopholes.