News

Another Intel Vulnerability, and it’s Unfixable…

Honestly, I saw this story this morning and I couldn’t help but think “what? Again… meh, same s*** different day” but that doesn’t make it any less of a serious issue. Researchers at Positive Technologies found the vulnerability Inside Intel’s Converged Security and Management Engine (CSME). I mean, that’s what I go digging through in my spare time too, but alas, they found that the CSME is actually a tiny CPU within a CPU.

The little chip in a chip is responsible for the security of the SoC. It’s basically a secure box for all the secret data handling on the chip I guess. However, they’ve cracked it and that means that now many millions of Intel CPU based systems from the last five years are now vulnerable.

Whoops

“Unfortunately, no security system is perfect. Like all security architectures, Intel’s had a weakness: the boot ROM, in this case. An early-stage vulnerability in ROM enables control over the reading of the Chipset Key and generation of all other encryption keys. One of these keys is for the Integrity Control Value Blob (ICVB). With this key, attackers can forge the code of any Intel CSME firmware module in a way that authenticity checks cannot detect. This is functionally equivalent to a breach of the private key for the Intel CSME firmware digital signature, but limited to a specific platform.” – Positive Technologies

Am I Safe?

It looks like every Intel CPU of the last 5 years is suffering this unfixable issue. However, the 10th Gen, Ice Point chipsets and SoCs are not affected by it. The only saving grace is that you need physical access to the hardware as it cannot be done remotely. Of course, that may be good for your gaming PC in your bedroom, not so great for your office computer in a sensitive industry.

Peter Donnell

As a child still in my 30's (but not for long), I spend my day combining my love of music and movies with a life-long passion for gaming, from arcade classics and retro consoles to the latest high-end PC and console games. So it's no wonder I write about tech and test the latest hardware while I enjoy my hobbies!

Disqus Comments Loading...

Recent Posts

Corsair Introduces K70 Pro TKL Keyboard With Rapid Trigger

Corsair has just launched a new keyboard aimed at serious gamers, the K70 PRO TKL.…

16 hours ago

Panasonic TB-40S45AEY, S45 Series 40 inch Full HD LED Smart TV

FULL HD PICTURE PERFORMANCE: Elevate your viewing with this LED TV's High Definition resolution and…

17 hours ago

Panasonic TV-40S55AEY, S55 Series 40 inch Full HD LED Smart TV

HD COLOUR ENGINE: Experience vibrant visuals with this LED TV's HD Colour Engine processing chip,…

17 hours ago

suptek 2 Floating Shelf Wall bracket 

Compatibility - The wall mount shelf is compatible with wood and concrete walls. The adjustable…

17 hours ago

Ghostbusters: Frozen Empire

GenreScience FictionFormatDVD-VideoContributorMckenna Grace, Paul Rudd, Kumail Nanjiani, Carrie Coon, Finn WolfhardLanguageEnglishRuntime1 hour and 55 minutes…

17 hours ago

Hisense 55 Inch 144Hz Mini-LED Smart TV

Picture Quality: 240 Mini-LED PRO Local Dimming Zones | Quantum Dot Technology | 144 Hz…

17 hours ago