A Non-repairable Security Vulnerability for Intel Processors Has Been Discovered by Researchers from Positive Technologies

Peter_Brosdahl

Moderator
Staff member
Joined
May 28, 2019
Messages
8,887
Points
113
intel-chip-circuits-1024x576.jpg
Image: Intel



It has been a rough patch of years for Intel since 2017 when it comes to vulnerabilities or exploits. Unfortunately that does not seem to be changing with this story. Researchers over at Positive Technologies have discovered a troublesome vulnerability. This particular one is not something that can be fixed via a simple firmware patch. Positive Technologies is preparing a full-length white paper with all the technical details but there is plenty to digest in what they have already posted on their blog page.



It starts at the hardware level of the boot ROM for the Intel Converged Security and Management Engine, or CSME.



From Positive Technologies:



“CSME is responsible for initial authentication of Intel-based systems by loading and verifying all other firmware for modern...
Click to expand...

Continue reading...
 
Last edited by a moderator:
Makes me happier every day that I went with an AMD build for my refresh.

Though until this gets addressed imagine if your CIO had their laptop stolen.. or a lead geologist for an oil company. Or someone in a three letter organization of the government... and so on. Escalated access to everything on the laptop...

20+ years ago when I was working for an oil company it was estimated the black market value of a geologists laptop was in excess of 2 million dollars.
 
Uvilla said:
Yet it reads more like a backdoor and less of a mistake.
Click to expand...

I agree. Now all of those criminals can find the method to reset the Intel based laptops and reset them without removing drives. Works for soldered on nvme drives for macs too I bet.
 
Grimlakin said:
I agree. Now all of those criminals can find the method to reset the Intel based laptops and reset them without removing drives. Works for soldered on nvme drives for macs too I bet.
Click to expand...
I admit, hadn't thought of that. Bet Apple won't be too happy to realize it either if that ends up being true.
 
If physical access is needed, this is moot.

If someone wishing to do harm has physical access to your machine, all is already lost.
 
Zarathustra said:
If physical access is needed, this is moot.

If someone wishing to do harm has physical access to your machine, all is already lost.
Click to expand...

Actually that is inaccurate. This is completely why you have encryption on drives. Now if this vulnerability lets you bypass that or circumvent disk encryption then this is a HUGE deal. That opens up the vector of data being stolen to a MUCH LARGER audience.

Want to be a rich criminal in a few days. Buy this new method to bypass encryption. Then go to the airport buy a cheap ticket and see if you can get away with an executives business laptop. Boom money maid if you pull it off because the threat of loosing that data when it is still valuable is TOO HIGH to ignore.

For instance imagine if your COO had their laoptop stolen with data on it for how your company does business and what it's plans are for the next 3 fiscal years? Or as my example above a lead geologist with plans on where your company is looking to drill for oil or information on actual impact of fracking as an example. That data can be worth MILLIONS if it can be accessed and acted upon within a short period of time.

And if this vulnerabiltiy... I know if if if... but you get the idea it's a lot easier to do this with the level of access this gives.
 
Grimlakin said:
And if this vulnerabiltiy... I know if if if... but you get the idea it's a lot easier to do this with the level of access this gives.
Click to expand...

Yeah but that's still ~miles~ away from a vulnerability that can get exploited via a drive by javascript or clickbait email or something.

Your examples are legit, I don't mean to discount that. But physical access is much easier to control than online access, and it's much easier to catch a guy who's just ripped off your luggage than it is to find a guy who clicked on a Viagra ad in Accounting and that infected every PC in the building.
 
You must log in or register to reply here.
Become a Patron!
Back
Top