Intel CPUs Could Contain Huge Security Flaw

A management technology present in Intel x86 CPUs for the past decade might contain a massive vulnerability which, if exploited, could leave systems vulnerable to “nearly unkillable, undetectable rootkit attacks.”

According to a report by BoingBoing, the Intel Management Engine (ME) – which allows administrators to remotely access and control all major PC systems, regardless of whether the computer is on or not – is at severe risk of being compromised, giving hackers full remote access to computers that carry the technology.

“Although the ME firmware is cryptographically protected with RSA 2048, researchers have been able to exploit weaknesses in the ME firmware and take partial control of the ME on early models,” BoingBoing reports. “This makes ME a huge security loophole, and it has been called a very powerful rootkit mechanism. Once a system is compromised by a rootkit, attackers can gain administration access and undetectably attack the computer.”

The most vulnerable component of ME is the Intel Active Management Technology (AMT), which gives network admins access to a PC’s operating system, hard drive, and boot state.

“On systems newer than the Core2 series, the ME cannot be disabled,” the article adds. “Intel systems that are designed to have ME but lack ME firmware (or whose ME firmware is corrupted) will refuse to boot, or will shut-down shortly after booting.”

Since the ME runs on a separate chip that Intel is rather secretive about – no audits or examinations of it have been permitted – the company is unlikely to be particularly forthcoming on the above allegations. For now, let’s hope that its secrecy will help protect the potential vulnerability from being fully exploited.