Finnish firm detects new Intel security flaw

Kannettava tietokone etualalla ja tuntematon mies näkyy taustalla

A NEW security flaw has been found in Intel hardware which could enable hackers to access corporate laptops remotely, Finnish cybersecurity specialist F-Secure said today. The attacker does need to have physical access to the laptop but there are several scenarios where this could prove to be a trivial issue. It exists within Intel's Active Management Technology (AMT) and potentially affects millions of laptops globally.

"In practice, it can give a local attacker complete control over an individual's work laptop, despite even the most extensive security measures", said Harry Sintonen, the F-Secure security consultant who discovered the bug.

Intel AMT is created to enable remote access monitoring and maintenance of corporate-grade personal computers, and is typically used by IT departments or managed service providers to manage devices. The weakness can be exploited in mere seconds without a single line of code.

"The essence of the security issue is that setting a BIOS password, which normally prevents an unauthorised user from booting up the device or making low-level changes to it, does not prevent unauthorised access to the AMT BIOS extension".

While requiring physical proximity to the target makes the attack more hard to initiate than a remote attack like a phishing email, it's not impossible that skilled attackers looking to compromise a particular target could orchestrate a scenario where they could get the brief time with the device they need.

The new flaw targets laptops, especially those powered by Intel's enterprise-focused vPro processors, and exploits the remote access monitoring and maintenance tools provided by AMT to gain total control over the machine.

This would allow any attacker to log into Intel Management Engine BIOS Extension (MEBx) using the default password "admin", as this default is probably unchanged on most corporate laptops.

From there, the attacker can change the default password, enable remote access and set the AMT's user opt-in to "none" enabling remote access to the device without knowledge or input from the user - so long as they can put themselves on the same network as the victim.

The issue permits an attacker with physical access to a laptop to bypass having to enter passwords and to access and remotely exploit the laptop later, the company said.

"The attacker can break into your room and configure your laptop in less than a minute, and now he or she can access your desktop when you use your laptop in the hotel WLAN". The remote access is limited to whatever network the targeted computer connects to, but that can include wireless networks.

AMT is no stranger to security weaknesses, with many other researchers finding multiple flaws within the system, but Sintonen's discovery surprised even him.

Germany's computer emergency response team, CERT-Bund, had also previously detailed how MEBx could be used to boot to a specially configured USB device, again bypassing the BIOS password. In fact, it's one of the first things I would expect an attacker to try, if said person had even a basic concept of what functions like AMT and the Intel Management Engine can be configured to do.

The issue was discovered in July 2017 and is unrelated to the recent Spectre and Meltdown vulnerabilities. Intel's own recommendations for using AMT in a secure manner follow similar logic.

Go through all now deployed devices and configure the AMT password or disable the functionality altogether. Meanwhile, end users are recommended to never leave their laptop unmonitored in an insecure location.

Contact your IT service desk to handle the device.

Related News:

  • President Trump reacts to possible Winfrey run: 'Yeah, I'll beat Oprah'

    She'd be sort of like me.' Trump stated at the time. "I think one of the arguments against Oprah is 45". Her speech set the internet ablaze with hopes and dreams that she would run for president in 2020 .
    This is What Meghan Markle's First Wedding Dress Looked Like

    This is What Meghan Markle's First Wedding Dress Looked Like

    Taking to Twitter, Samantha wrote: 'Actually she has a large family who were always there with her and for her. However, now that the royal wedding preparations are underway, Samantha is begging Meghan for forgiveness .
    Youth should be encouraged to become 'innovators': PM Modi

    Youth should be encouraged to become 'innovators': PM Modi

    Swami Vivekananda's birth anniversary is observed as Yuva Diwas in the state. We observe this day as "Vivek Chetna Utsab" in Bengal.
  • Texas A&M Knocks Lady Vols From Unbeaten Ranks

    Texas A&M Knocks Lady Vols From Unbeaten Ranks

    The run was led by Chennedy Carter's hot hand, but the freshman eventually cooled off and the Ags couldn't hold onto their lead. Following Williams's free throws that put the Aggies on top by one, Tennessee had seven seconds for one final chance.
    London Mayor Sadiq Khan: 'Donald Trump Is Not Welcome Here'

    London Mayor Sadiq Khan: 'Donald Trump Is Not Welcome Here'

    In November, Ms May directly criticised Mr Trump's decision to retweet material from the far-right extremist group, Britain First. First off, the decision to move the embassy was made under President George W.
    Amazon's Alexa, Google's Assistant compete at CES to control the smart home

    Amazon's Alexa, Google's Assistant compete at CES to control the smart home

    What's more , the device features a single 10-watt speaker to the left of the display for what I suspect are design reasons. Expect a "summer" release date in the United States of America , but we couldn't get a confirmed United Kingdom date.
  • Saudi women to enter stadiums for first time to watch soccer

    Saudi women to enter stadiums for first time to watch soccer

    The first stadium is to open its doors to women in the Red Sea city of Jiddah today. The result meant Al-Ahli closed the gap on table toppers Al-Hilal to one point.
    NFL Playoffs, Divisional Round: This Weekend's Best Bets

    NFL Playoffs, Divisional Round: This Weekend's Best Bets

    Mariota was consistently on the big stage in college, and he looked prepared for the intensity that came with postseason play. The Jags looked very stout on defense causing the Bills to look like they were some JV team playing true NFLers on offense.
    49ers LB Reuben Foster arrested on marijuana charge in Alabama

    49ers LB Reuben Foster arrested on marijuana charge in Alabama

    Niners Wire's Chris Biderman shared a picture of Foster's recent arrest photo, which states the charge and a bond of $2,500. He then failed a mandatory drug test, which came back as dilute and, per league rules, had to be treated as positive.
  • Automotive Engine Oil Market | Global Industry Report (2012-2022)

    Chapter 7 and Chapter 8: This sections conducts SWOT analysis and Ceramic Ball Valve market status of these regions . Global Engine Oil Additives Market Analysis Based on Product Type includes Gasoline, Natural Gas and Diesel.

    Cowen Reaffirms Buy Rating for Pepsico (PEP)

    Intersect holds 0.17% in Pepsico, Inc. (NASDAQ:PEP) earned "Sector Perform" rating by RBC Capital Markets on Thursday, October 5. Also, the number of funds holding Pepsico Inc in their top 10 equity positions decreased from 185 to 141 for a decrease of 44.
    Jai Simha movie review and rating by audience

    Jai Simha movie review and rating by audience

    Previously, Actor tasted blockbuster with period drama Gautamiputra Satakarni in 2017. It is wonderful action drama for the family entertainment on the eve of Sankranti.


Most liked

Somewhat Positive Press Coverage Somewhat Unlikely to Affect Gerdau (GGB) Share Price
Over a month, it has seen its stock price volatility to stay at 3.37% while shortening the period to a week, volatility was 3.06%. Gerdau S.A. (NYSE: GGB ) touched its 1-Year High price of $4.69 on 01/11/18 and its 1-Year Low price of $2.60 on 06/15/17.

Chicago Bridge & Iron (CBI) Receives $19.33 Average PT from Analysts
The Massachusetts-based Wellington Mngmt Grp Llp has invested 0% in Twenty-First Century Fox, Inc. (NYSE:CNS) for 22,492 shares. The broad General Contractors industry has an average P/S ratio of 71.31, which is significantly worse than the sector's 9.45.

Archer Daniels Midland (ADM) Stock Rating Lowered by Zacks Investment Research
Country Club Trust Company n.a.'s holdings in Archer Daniels Midland were worth $10,318,000 as of its most recent SEC filing. Moreover, Private Advisor Gp Limited Liability Company has 0.02% invested in Archer-Daniels-Midland Company (NYSE:ADM).

Federer has battle on his hands to defend Australian Open title
With so many players in contention and so much firepower, handling the stress will be the key, according to Mats Wilander. A rematch of last year's Australian Open semifinal with 2017's strongest finisher, Grigor Dimitrov , is on the cards.

Cooper Tire & Rubber (CTB) Rating Increased to Buy at Northcoast Research
Northcoast Research raised Cooper Tire & Rubber from a "neutral" rating to a "buy" rating in a report on Wednesday. Cooper Tire & Rubber Company ( CTB ) recently closed with rise of 11.24% to its 20-Day Simple Moving Average.

(INTC) Holdings Trimmed by Narwhal Capital Management
Strategic Financial Services Inc, which manages about $605.49 million US Long portfolio, decreased its stake in Boeing Co. Wg Shaheen And Associates Dba Whitney And Com owns 1.05% invested in Intel Corporation (NASDAQ: INTC ) for 92,453 shares.

Trump reviews his own meeting; gives a big thumbs up
Trump has suffered no form of cancer, has never had a hip, knee or shoulder replacement or any other orthopedic surgery", Dr. Sanders said at the time that the president was simply thirsty, calling questions about his health "ridiculous".

Carrie Underwood Premieres New Sports Anthem 'The Champion' Featuring Ludacris
The Champion and its accompanying video will air at the beginning of the telecast before the big American football game, which will take place at the U.S.

Del Potro into Classic tennis final
Spaniard Roberto Bautista Agut has cruised into the ASB Classic semi-finals with a 7-6 (7-1) 6-2 win over Czech Jiri Vesely in Auckland.

Vodafone Group Plc (NASDAQ: VOD)
Heading into the stock price potential, Vodafone Group Plc needs to grow just 8.53% to cross its median price target of $34.35. Axa increased its stake in Oracle Corp (ORCL) by 44.24% based on its latest 2017Q3 regulatory filing with the SEC.

Has $13.02 Million Holdings in Interpublic Group of Companies Inc (NYSE:IPG)
Staying on top of longer-term price action may help provide investors with a wider range of reference when doing stock analysis. The Fenimore Asset Management Inc holds 2.58 million shares with $53.72 million value, up from 2.56 million last quarter.

The Supreme Court Will Take Up Texas Redistricting Case
Hanging over the Texas case is the possibility that the state will be placed back under federal oversight of its elections laws. The judges said that minority voters were needless shoved out of Farenthold's district to keep it safely Republican.

Investment Research Analysts Opinion: Golar LNG Partners LP (GMLP), Carter's, Inc. (CRI)
Rafferty Asset Management LLC purchased a new position in Golar LNG Partners during the 2nd quarter valued at about $2,821,000. Financial Bank Of The West holds 0.06% or 3,073 shares. 35,515 were accumulated by Blair William Company Il.

Investor Catching Stocks: Cytori Therapeutics, Inc. (CYTX), Ocean Power Technologies, Inc. (OPTT)
The volatility measures taking place as price volatility of stock was 34.28% for a week and 16.98% for a month. Cytori Therapeutics (NASDAQ: CYTX ) last posted its earnings results on Thursday, November 9th.

Bill Cosby: 'Please Don't Put Me on #MeToo'
He has said Constand, a former executive with Temple University's women's basketball program, consented to their sexual encounter. Cosby has been accused by more than 50 women of drugging them and sexually assaulting them or attempting to do so.