News

Another Intel Vulnerability, and it’s Unfixable…

Honestly, I saw this story this morning and I couldn’t help but think “what? Again… meh, same s*** different day” but that doesn’t make it any less of a serious issue. Researchers at Positive Technologies found the vulnerability Inside Intel’s Converged Security and Management Engine (CSME). I mean, that’s what I go digging through in my spare time too, but alas, they found that the CSME is actually a tiny CPU within a CPU.

The little chip in a chip is responsible for the security of the SoC. It’s basically a secure box for all the secret data handling on the chip I guess. However, they’ve cracked it and that means that now many millions of Intel CPU based systems from the last five years are now vulnerable.

Whoops

“Unfortunately, no security system is perfect. Like all security architectures, Intel’s had a weakness: the boot ROM, in this case. An early-stage vulnerability in ROM enables control over the reading of the Chipset Key and generation of all other encryption keys. One of these keys is for the Integrity Control Value Blob (ICVB). With this key, attackers can forge the code of any Intel CSME firmware module in a way that authenticity checks cannot detect. This is functionally equivalent to a breach of the private key for the Intel CSME firmware digital signature, but limited to a specific platform.” – Positive Technologies

Am I Safe?

It looks like every Intel CPU of the last 5 years is suffering this unfixable issue. However, the 10th Gen, Ice Point chipsets and SoCs are not affected by it. The only saving grace is that you need physical access to the hardware as it cannot be done remotely. Of course, that may be good for your gaming PC in your bedroom, not so great for your office computer in a sensitive industry.

Peter Donnell

As a child still in my 30's (but not for long), I spend my day combining my love of music and movies with a life-long passion for gaming, from arcade classics and retro consoles to the latest high-end PC and console games. So it's no wonder I write about tech and test the latest hardware while I enjoy my hobbies!

Disqus Comments Loading...

Recent Posts

Nvidia’s GeForce RTX 5090 Possible Price Revealed

According to a new report, the GeForce RTX 5090 GPU will be very expensive. It…

15 mins ago

AMD Krackan Processor with 6 Zen 5 and Zen 5c Cores for Budget AI Laptops Leaked

A new AMD processor in the form of an engineering model has been leaked in…

26 mins ago

SK Hynix Begins Production of First 321-Layer NAND Chips

SK Hynix has claimed to be the first company to mass-produce 321-layer NAND memory chips.…

39 mins ago

Trust Gaming GXT 609 Zoxa 2.0 PC Speakers

SOUNDS GREAT – Full stereo sound (12W peak power) gives your setup a booming audio…

5 hours ago

PowerA Wired Controller for Nintendo Switch

Special Edition Yoshi design Ergonomic controller shape with Nintendo Switch button layout Detachable 10ft (3m)…

5 hours ago

Logitech G Saitek PRO Flight Rudder Pedals

Fluid Motion: These flight rudder pedals are smooth and accurate that enable precise control over…

5 hours ago