Intel laptops now under attack

Discussion in 'Intel Processors' started by fightingfi, Jan 12, 2018.

  1. fightingfi

    fightingfi Look at Me! I need the attention.

    Messages:
    2,010
    Joined:
    Oct 9, 2008
    F-Secure has reported another serious flaw in Intel hardware, which could enable hackers to access corporate laptops. Standard password of Intels Management Engine BIOS Extension are rarely changed and can invoke business laptops vulnerable to unauthorized remote access, claims F-Secure.
    Intels Management Engine BIOS Extension, or MEBx, contains the standard log-in combination 'admin', 'admin' and because many users simply do not change it, according to F-Secure this opens the door to an easy to set-up attack. Attackers can open the BIOS Extension during startup with Ctrl + P, even if the user has set a bios password. Then they can manage settings of the Management Engine, reports dw.com.
    "The issue potentially affects millions of laptops globally," said F-Secure consultant Harry Sintonen, who discovered the flaw. "It's of an almost shocking simplicity, but its destructive potential is unbelievable."
    F-Secure said once an attacker had the chance to reconfigure AMT (for which he would initially need physical access to the device in question), the device could be fully controlled remotely by connecting to the same wireless or wired network as the user.
    "No other security measures like full-disk encryption, local firewall, anti-malware software or VPN technology are able to prevent exploitation of this issue," Sintonen warned.
    A successful attack would lead to complete loss of confidentiality, integrity and availability, with the attacker able to read and modify all of the data and applications users have access to on their computers, even at the firmware level.
     
  2. kumquat

    kumquat [H]ardness Supreme

    Messages:
    5,239
    Joined:
    Dec 7, 2005
    And there is no mechanism, software or hardware, by which IME can be disabled.

    Perfect.
     
  3. arestavo

    arestavo [H]ard|Gawd

    Messages:
    1,344
    Joined:
    Mar 25, 2013
    "F-Secure said once an attacker had the chance to reconfigure AMT (for which he would initially need physical access to the device in question), the device could be fully controlled remotely by connecting to the same wireless or wired network as the user."

    Well, it's good thing those are fairly serious caveats.
     
    SticKx911 and Speedeu4ia like this.
  4. somebrains

    somebrains Limp Gawd

    Messages:
    176
    Joined:
    Nov 10, 2013
    I love fear, I bought a T420 today for $20 off a corp sale.
    I guess the news reminded this office to sell off their unused laptops.
    Threw an old ssd and a 4gb sodimm in it.

    Installed Mint, done.

    Love the old Thinkpad keyboard.
     
  5. amd4life

    amd4life Gawd

    Messages:
    518
    Joined:
    Dec 5, 2005
    So bad idea to purchase a older intel based laptop, due to all these issues. Or much ado about nothing? I need a laptop for backup, but Id rather not buy a I7 and have any security patch limit the power.

    Am I just tripping?
     
  6. pendragon1

    pendragon1 [H]ardness Supreme

    Messages:
    6,686
    Joined:
    Oct 7, 2000
    buy one. apply the updates right away. you'll never know the difference.
     
    Denpepe, Verado and amd4life like this.
  7. thenjduke

    thenjduke Limp Gawd

    Messages:
    344
    Joined:
    Jul 24, 2007
    The company I work with we just finish up major patching and now here comes more!