Finnish firm detects new Intel security flaw

Kannettava tietokone etualalla ja tuntematon mies näkyy taustalla

A NEW security flaw has been found in Intel hardware which could enable hackers to access corporate laptops remotely, Finnish cybersecurity specialist F-Secure said today. The attacker does need to have physical access to the laptop but there are several scenarios where this could prove to be a trivial issue. It exists within Intel's Active Management Technology (AMT) and potentially affects millions of laptops globally.

"In practice, it can give a local attacker complete control over an individual's work laptop, despite even the most extensive security measures", said Harry Sintonen, the F-Secure security consultant who discovered the bug.

Intel AMT is created to enable remote access monitoring and maintenance of corporate-grade personal computers, and is typically used by IT departments or managed service providers to manage devices. The weakness can be exploited in mere seconds without a single line of code.

"The essence of the security issue is that setting a BIOS password, which normally prevents an unauthorised user from booting up the device or making low-level changes to it, does not prevent unauthorised access to the AMT BIOS extension".

While requiring physical proximity to the target makes the attack more hard to initiate than a remote attack like a phishing email, it's not impossible that skilled attackers looking to compromise a particular target could orchestrate a scenario where they could get the brief time with the device they need.

The new flaw targets laptops, especially those powered by Intel's enterprise-focused vPro processors, and exploits the remote access monitoring and maintenance tools provided by AMT to gain total control over the machine.

This would allow any attacker to log into Intel Management Engine BIOS Extension (MEBx) using the default password "admin", as this default is probably unchanged on most corporate laptops.

From there, the attacker can change the default password, enable remote access and set the AMT's user opt-in to "none" enabling remote access to the device without knowledge or input from the user - so long as they can put themselves on the same network as the victim.

The issue permits an attacker with physical access to a laptop to bypass having to enter passwords and to access and remotely exploit the laptop later, the company said.

"The attacker can break into your room and configure your laptop in less than a minute, and now he or she can access your desktop when you use your laptop in the hotel WLAN". The remote access is limited to whatever network the targeted computer connects to, but that can include wireless networks.

AMT is no stranger to security weaknesses, with many other researchers finding multiple flaws within the system, but Sintonen's discovery surprised even him.

Germany's computer emergency response team, CERT-Bund, had also previously detailed how MEBx could be used to boot to a specially configured USB device, again bypassing the BIOS password. In fact, it's one of the first things I would expect an attacker to try, if said person had even a basic concept of what functions like AMT and the Intel Management Engine can be configured to do.

The issue was discovered in July 2017 and is unrelated to the recent Spectre and Meltdown vulnerabilities. Intel's own recommendations for using AMT in a secure manner follow similar logic.

Go through all now deployed devices and configure the AMT password or disable the functionality altogether. Meanwhile, end users are recommended to never leave their laptop unmonitored in an insecure location.

Contact your IT service desk to handle the device.

Related News:

  • James Franco now accused of sexual misconduct by five women

    James Franco now accused of sexual misconduct by five women

    While chatting in the the auto , Franco surprised her by suddenly taking his penis out, she said, and putting her hand on it. She is part of our camp! Franco told Colbert on Tuesday night that "if there's restitution to be made, I will make it".
    This is What Meghan Markle's First Wedding Dress Looked Like

    This is What Meghan Markle's First Wedding Dress Looked Like

    Taking to Twitter, Samantha wrote: 'Actually she has a large family who were always there with her and for her. However, now that the royal wedding preparations are underway, Samantha is begging Meghan for forgiveness .
    Bill Cosby: 'Please Don't Put Me on #MeToo'

    Bill Cosby: 'Please Don't Put Me on #MeToo'

    He has said Constand, a former executive with Temple University's women's basketball program, consented to their sexual encounter. Cosby has been accused by more than 50 women of drugging them and sexually assaulting them or attempting to do so.
  • Somewhat Positive Press Coverage Somewhat Unlikely to Affect Gerdau (GGB) Share Price

    Over a month, it has seen its stock price volatility to stay at 3.37% while shortening the period to a week, volatility was 3.06%. Gerdau S.A. (NYSE: GGB ) touched its 1-Year High price of $4.69 on 01/11/18 and its 1-Year Low price of $2.60 on 06/15/17.
    Saudi women to enter stadiums for first time to watch soccer

    Saudi women to enter stadiums for first time to watch soccer

    The first stadium is to open its doors to women in the Red Sea city of Jiddah today. The result meant Al-Ahli closed the gap on table toppers Al-Hilal to one point.

    Woman, Two Children Killed in Southern Illinois Collision

    After the head-on collision, an SUV driven by 62-year-old Cathy Ulen of Ullin rear-ended Reichert's auto . A three-vehicle crash in Massac County killed three people and seriously injured four others Thursday.
  • Carrie Underwood Premieres New Sports Anthem 'The Champion' Featuring Ludacris

    Carrie Underwood Premieres New Sports Anthem 'The Champion' Featuring Ludacris

    The Champion and its accompanying video will air at the beginning of the telecast before the big American football game, which will take place at the U.S.

    Has $13.02 Million Holdings in Interpublic Group of Companies Inc (NYSE:IPG)

    Staying on top of longer-term price action may help provide investors with a wider range of reference when doing stock analysis. The Fenimore Asset Management Inc holds 2.58 million shares with $53.72 million value, up from 2.56 million last quarter.
    Analysts Set Royal Caribbean Cruises Ltd (RCL) Target Price at $127.84

    Analysts Set Royal Caribbean Cruises Ltd (RCL) Target Price at $127.84

    New York State Common Retirement Fund holds 0.09% of its portfolio in Royal Caribbean Cruises Ltd . (NYSE:RCL) for 568,258 shares. The company reported $1.23 earnings per share for the quarter, beating the Thomson Reuters' consensus estimate of $1.21 by $0.02.
  • President Trump reacts to possible Winfrey run: 'Yeah, I'll beat Oprah'

    She'd be sort of like me.' Trump stated at the time. "I think one of the arguments against Oprah is 45". Her speech set the internet ablaze with hopes and dreams that she would run for president in 2020 .
    Texas A&M Knocks Lady Vols From Unbeaten Ranks

    Texas A&M Knocks Lady Vols From Unbeaten Ranks

    The run was led by Chennedy Carter's hot hand, but the freshman eventually cooled off and the Ags couldn't hold onto their lead. Following Williams's free throws that put the Aggies on top by one, Tennessee had seven seconds for one final chance.
    Youth should be encouraged to become 'innovators': PM Modi

    Youth should be encouraged to become 'innovators': PM Modi

    Swami Vivekananda's birth anniversary is observed as Yuva Diwas in the state. We observe this day as "Vivek Chetna Utsab" in Bengal.


Most liked

Chicago Bridge & Iron (CBI) Receives $19.33 Average PT from Analysts
The Massachusetts-based Wellington Mngmt Grp Llp has invested 0% in Twenty-First Century Fox, Inc. (NYSE:CNS) for 22,492 shares. The broad General Contractors industry has an average P/S ratio of 71.31, which is significantly worse than the sector's 9.45.

Archer Daniels Midland (ADM) Stock Rating Lowered by Zacks Investment Research
Country Club Trust Company n.a.'s holdings in Archer Daniels Midland were worth $10,318,000 as of its most recent SEC filing. Moreover, Private Advisor Gp Limited Liability Company has 0.02% invested in Archer-Daniels-Midland Company (NYSE:ADM).

Trump suggests Republicans 'finally take control' of Russian Federation probe
His team of investigators has expressed interest in speaking with Trump as part of the probe, but no details have been worked out. Mark Warner, D-Va., have worked closely together as panel staff has quietly interviewed more than 100 witnesses.

Lindsay Lohan Steps Out in Style for Grandma's 94th Birthday
Special day: The Parent Trap star's mother and grandmother was also in attendance. "I'm discussing designing my own island in Dubai at the World Islands".

Which Insiders Are Selling Medical Properties Trust, Inc. (MPW)?
IFP Advisors Inc boosted its stake in shares of Medical Properties Trust by 12.1% during the second quarter. The average daily volatility for the week was at 1.76%, which was 0.27 higher than that in the past month.

Cooper Tire & Rubber (CTB) Rating Increased to Buy at Northcoast Research
Northcoast Research raised Cooper Tire & Rubber from a "neutral" rating to a "buy" rating in a report on Wednesday. Cooper Tire & Rubber Company ( CTB ) recently closed with rise of 11.24% to its 20-Day Simple Moving Average.

(INTC) Holdings Trimmed by Narwhal Capital Management
Strategic Financial Services Inc, which manages about $605.49 million US Long portfolio, decreased its stake in Boeing Co. Wg Shaheen And Associates Dba Whitney And Com owns 1.05% invested in Intel Corporation (NASDAQ: INTC ) for 92,453 shares.

Trump reviews his own meeting; gives a big thumbs up
Trump has suffered no form of cancer, has never had a hip, knee or shoulder replacement or any other orthopedic surgery", Dr. Sanders said at the time that the president was simply thirsty, calling questions about his health "ridiculous".

The Hill: Trump Lawyer Sues BuzzFeed, Fusion GPS for Defamation Over Dossier
Mr Trump said "we'll see what happens" when asked if he would provide an interview to Mr Mueller's team. The lawyer for Fusion GPS co-founder Glenn Simpson made the revelation after Republican Sen.

49ers LB Reuben Foster arrested on marijuana charge in Alabama
Niners Wire's Chris Biderman shared a picture of Foster's recent arrest photo, which states the charge and a bond of $2,500. He then failed a mandatory drug test, which came back as dilute and, per league rules, had to be treated as positive.

Vodafone Group Plc (NASDAQ: VOD)
Heading into the stock price potential, Vodafone Group Plc needs to grow just 8.53% to cross its median price target of $34.35. Axa increased its stake in Oracle Corp (ORCL) by 44.24% based on its latest 2017Q3 regulatory filing with the SEC.

Minkah Fitzpatrick Was in the Bathroom During the National Championship's Biggest Moment
He was not resigning to a better game plan demonstrated by Georgia in the first half; he was leading. Besides, Arians says, "they're the Giants ". "I could tell which side was the Alabama side".

Jai Simha movie review and rating by audience
Previously, Actor tasted blockbuster with period drama Gautamiputra Satakarni in 2017. It is wonderful action drama for the family entertainment on the eve of Sankranti.

Amazon's Alexa, Google's Assistant compete at CES to control the smart home
What's more , the device features a single 10-watt speaker to the left of the display for what I suspect are design reasons. Expect a "summer" release date in the United States of America , but we couldn't get a confirmed United Kingdom date.

Investment Research Analysts Opinion: Golar LNG Partners LP (GMLP), Carter's, Inc. (CRI)
Rafferty Asset Management LLC purchased a new position in Golar LNG Partners during the 2nd quarter valued at about $2,821,000. Financial Bank Of The West holds 0.06% or 3,073 shares. 35,515 were accumulated by Blair William Company Il.