![[H]ard|Forum](/styles/hardforum/xenforo/logo_dark.png){kind=logo}
fightingfi
2[H]4U
- Joined
- Oct 9, 2008
- Messages
- 3,231
F-Secure has reported another serious flaw in Intel hardware, which could enable hackers to access corporate laptops. Standard password of Intels Management Engine BIOS Extension are rarely changed and can invoke business laptops vulnerable to unauthorized remote access, claims F-Secure.
Intels Management Engine BIOS Extension, or MEBx, contains the standard log-in combination 'admin', 'admin' and because many users simply do not change it, according to F-Secure this opens the door to an easy to set-up attack. Attackers can open the BIOS Extension during startup with Ctrl + P, even if the user has set a bios password. Then they can manage settings of the Management Engine, reports dw.com.
"The issue potentially affects millions of laptops globally," said F-Secure consultant Harry Sintonen, who discovered the flaw. "It's of an almost shocking simplicity, but its destructive potential is unbelievable."
F-Secure said once an attacker had the chance to reconfigure AMT (for which he would initially need physical access to the device in question), the device could be fully controlled remotely by connecting to the same wireless or wired network as the user.
"No other security measures like full-disk encryption, local firewall, anti-malware software or VPN technology are able to prevent exploitation of this issue," Sintonen warned.
A successful attack would lead to complete loss of confidentiality, integrity and availability, with the attacker able to read and modify all of the data and applications users have access to on their computers, even at the firmware level.
Intels Management Engine BIOS Extension, or MEBx, contains the standard log-in combination 'admin', 'admin' and because many users simply do not change it, according to F-Secure this opens the door to an easy to set-up attack. Attackers can open the BIOS Extension during startup with Ctrl + P, even if the user has set a bios password. Then they can manage settings of the Management Engine, reports dw.com.
"The issue potentially affects millions of laptops globally," said F-Secure consultant Harry Sintonen, who discovered the flaw. "It's of an almost shocking simplicity, but its destructive potential is unbelievable."
F-Secure said once an attacker had the chance to reconfigure AMT (for which he would initially need physical access to the device in question), the device could be fully controlled remotely by connecting to the same wireless or wired network as the user.
"No other security measures like full-disk encryption, local firewall, anti-malware software or VPN technology are able to prevent exploitation of this issue," Sintonen warned.
A successful attack would lead to complete loss of confidentiality, integrity and availability, with the attacker able to read and modify all of the data and applications users have access to on their computers, even at the firmware level.
