Intel Admits to Vulnerability in Its Post-2008 CPUs

We’ve reported multiple times that every Intel processor after 2008 is vulnerable to remote attack. The culprit is Intel’s Management Engine – included within every Intel processor for the past nine years, since Nehalem – which is designed to allow administrative remote access to PC systems. In fact, accessing Intel ME gives one access to operating system, hard drive, and boot state, even when the system is off, though still powered and networked.

Unfortunately, Intel ME leaves systems open to remote rootkit attacks. Indeed, some researchers became so concerned that they developed a method of partially disabling Intel ME. Throughout, Intel played down the issue, though it did issue security patches for further ME protection. However, Intel is now admitting that it itself found multiple vulnerabilities linked to Intel ME, Server Platform Services (SPS), and Trusted Execution Engine (TXE).

Intel Admits to ME Vulnerability

Nearly eighteen months after the issue became known, Intel is finally investigating flaws in its Management Engine. As a result, it admits that it has discovered significant security issues connected to Intel ME. In an official statement, it said:

“In response to issues identified by external researchers, Intel has performed an in-depth comprehensive security review of our Intel® Management Engine (ME), Intel® Server Platform Services (SPS), and Intel® Trusted Execution Engine (TXE) with the objective of enhancing firmware resilience.

As a result, Intel has identified security vulnerabilities that could potentially place impacted platforms at risk.”

Affected Intel Products

• 6th, 7th & 8th Generation Intel Core Processor Family
• Intel Xeon Processors:
  • E3-1200 v5 & v6 Product Family
  • Scalable Family
  • W Family
• Intel Atom C3000 Processor Family
• Apollo Lake Processors:
• Atom Processor E3900 series
• Pentium
• Celeron N and J series Processors

No doubt Intel is working on fixes. More information as we get it.