Finnish firm detects new Intel security flaw

Kannettava tietokone etualalla ja tuntematon mies näkyy taustalla

A NEW security flaw has been found in Intel hardware which could enable hackers to access corporate laptops remotely, Finnish cybersecurity specialist F-Secure said today. The attacker does need to have physical access to the laptop but there are several scenarios where this could prove to be a trivial issue. It exists within Intel's Active Management Technology (AMT) and potentially affects millions of laptops globally.

"In practice, it can give a local attacker complete control over an individual's work laptop, despite even the most extensive security measures", said Harry Sintonen, the F-Secure security consultant who discovered the bug.

Intel AMT is created to enable remote access monitoring and maintenance of corporate-grade personal computers, and is typically used by IT departments or managed service providers to manage devices. The weakness can be exploited in mere seconds without a single line of code.

"The essence of the security issue is that setting a BIOS password, which normally prevents an unauthorised user from booting up the device or making low-level changes to it, does not prevent unauthorised access to the AMT BIOS extension".

While requiring physical proximity to the target makes the attack more hard to initiate than a remote attack like a phishing email, it's not impossible that skilled attackers looking to compromise a particular target could orchestrate a scenario where they could get the brief time with the device they need.

The new flaw targets laptops, especially those powered by Intel's enterprise-focused vPro processors, and exploits the remote access monitoring and maintenance tools provided by AMT to gain total control over the machine.

This would allow any attacker to log into Intel Management Engine BIOS Extension (MEBx) using the default password "admin", as this default is probably unchanged on most corporate laptops.

From there, the attacker can change the default password, enable remote access and set the AMT's user opt-in to "none" enabling remote access to the device without knowledge or input from the user - so long as they can put themselves on the same network as the victim.

The issue permits an attacker with physical access to a laptop to bypass having to enter passwords and to access and remotely exploit the laptop later, the company said.

"The attacker can break into your room and configure your laptop in less than a minute, and now he or she can access your desktop when you use your laptop in the hotel WLAN". The remote access is limited to whatever network the targeted computer connects to, but that can include wireless networks.

AMT is no stranger to security weaknesses, with many other researchers finding multiple flaws within the system, but Sintonen's discovery surprised even him.

Germany's computer emergency response team, CERT-Bund, had also previously detailed how MEBx could be used to boot to a specially configured USB device, again bypassing the BIOS password. In fact, it's one of the first things I would expect an attacker to try, if said person had even a basic concept of what functions like AMT and the Intel Management Engine can be configured to do.

The issue was discovered in July 2017 and is unrelated to the recent Spectre and Meltdown vulnerabilities. Intel's own recommendations for using AMT in a secure manner follow similar logic.

Go through all now deployed devices and configure the AMT password or disable the functionality altogether. Meanwhile, end users are recommended to never leave their laptop unmonitored in an insecure location.

Contact your IT service desk to handle the device.

Related News:

  • Automotive Engine Oil Market | Global Industry Report (2012-2022)

    Automotive Engine Oil Market | Global Industry Report (2012-2022)

    Chapter 7 and Chapter 8: This sections conducts SWOT analysis and Ceramic Ball Valve market status of these regions . Global Engine Oil Additives Market Analysis Based on Product Type includes Gasoline, Natural Gas and Diesel.
    Samaritan limits visitors during flu season

    Samaritan limits visitors during flu season

    Joyce Olutade said. "Flu vaccination is not a ideal tool, but it is the best way to protect against flu infection", the CDC said. Comer also reminds hospital staff to remain clean to protect patients. "Use it whenever you touch door knobs or open doors".

    Investment Research Analysts Opinion: Golar LNG Partners LP (GMLP), Carter's, Inc. (CRI)

    Rafferty Asset Management LLC purchased a new position in Golar LNG Partners during the 2nd quarter valued at about $2,821,000. Financial Bank Of The West holds 0.06% or 3,073 shares. 35,515 were accumulated by Blair William Company Il.
  • New Commentator Sam Matterface Announced After Matt Chapman's Early Exit

    New Commentator Sam Matterface Announced After Matt Chapman's Early Exit

    TalkRADIO host Sam Matterface has been lined up as Matt's successor - according to The Sun newspaper. A Dancing on Ice source said: "Matt decided he couldn't make his diary work as he thought".
    Minkah Fitzpatrick Was in the Bathroom During the National Championship's Biggest Moment

    Minkah Fitzpatrick Was in the Bathroom During the National Championship's Biggest Moment

    He was not resigning to a better game plan demonstrated by Georgia in the first half; he was leading. Besides, Arians says, "they're the Giants ". "I could tell which side was the Alabama side".
    The Supreme Court Will Take Up Texas Redistricting Case

    The Supreme Court Will Take Up Texas Redistricting Case

    Hanging over the Texas case is the possibility that the state will be placed back under federal oversight of its elections laws. The judges said that minority voters were needless shoved out of Farenthold's district to keep it safely Republican.
  • Archer Daniels Midland (ADM) Stock Rating Lowered by Zacks Investment Research

    Country Club Trust Company n.a.'s holdings in Archer Daniels Midland were worth $10,318,000 as of its most recent SEC filing. Moreover, Private Advisor Gp Limited Liability Company has 0.02% invested in Archer-Daniels-Midland Company (NYSE:ADM).

    President Trump reacts to possible Winfrey run: 'Yeah, I'll beat Oprah'

    She'd be sort of like me.' Trump stated at the time. "I think one of the arguments against Oprah is 45". Her speech set the internet ablaze with hopes and dreams that she would run for president in 2020 .
    Amazon's Alexa, Google's Assistant compete at CES to control the smart home

    Amazon's Alexa, Google's Assistant compete at CES to control the smart home

    What's more , the device features a single 10-watt speaker to the left of the display for what I suspect are design reasons. Expect a "summer" release date in the United States of America , but we couldn't get a confirmed United Kingdom date.
  • Trump suggests Republicans 'finally take control' of Russian Federation probe

    His team of investigators has expressed interest in speaking with Trump as part of the probe, but no details have been worked out. Mark Warner, D-Va., have worked closely together as panel staff has quietly interviewed more than 100 witnesses.
    Del Potro into Classic tennis final

    Del Potro into Classic tennis final

    Spaniard Roberto Bautista Agut has cruised into the ASB Classic semi-finals with a 7-6 (7-1) 6-2 win over Czech Jiri Vesely in Auckland.

    Cowen Reaffirms Buy Rating for Pepsico (PEP)

    Intersect holds 0.17% in Pepsico, Inc. (NASDAQ:PEP) earned "Sector Perform" rating by RBC Capital Markets on Thursday, October 5. Also, the number of funds holding Pepsico Inc in their top 10 equity positions decreased from 185 to 141 for a decrease of 44.


Most liked

Somewhat Positive Press Coverage Somewhat Unlikely to Affect Gerdau (GGB) Share Price
Over a month, it has seen its stock price volatility to stay at 3.37% while shortening the period to a week, volatility was 3.06%. Gerdau S.A. (NYSE: GGB ) touched its 1-Year High price of $4.69 on 01/11/18 and its 1-Year Low price of $2.60 on 06/15/17.

Lindsay Lohan Steps Out in Style for Grandma's 94th Birthday
Special day: The Parent Trap star's mother and grandmother was also in attendance. "I'm discussing designing my own island in Dubai at the World Islands".

Which Insiders Are Selling Medical Properties Trust, Inc. (MPW)?
IFP Advisors Inc boosted its stake in shares of Medical Properties Trust by 12.1% during the second quarter. The average daily volatility for the week was at 1.76%, which was 0.27 higher than that in the past month.

Saudi women to enter stadiums for first time to watch soccer
The first stadium is to open its doors to women in the Red Sea city of Jiddah today. The result meant Al-Ahli closed the gap on table toppers Al-Hilal to one point.

Cooper Tire & Rubber (CTB) Rating Increased to Buy at Northcoast Research
Northcoast Research raised Cooper Tire & Rubber from a "neutral" rating to a "buy" rating in a report on Wednesday. Cooper Tire & Rubber Company ( CTB ) recently closed with rise of 11.24% to its 20-Day Simple Moving Average.

(INTC) Holdings Trimmed by Narwhal Capital Management
Strategic Financial Services Inc, which manages about $605.49 million US Long portfolio, decreased its stake in Boeing Co. Wg Shaheen And Associates Dba Whitney And Com owns 1.05% invested in Intel Corporation (NASDAQ: INTC ) for 92,453 shares.

Carrie Underwood Premieres New Sports Anthem 'The Champion' Featuring Ludacris
The Champion and its accompanying video will air at the beginning of the telecast before the big American football game, which will take place at the U.S.

The Hill: Trump Lawyer Sues BuzzFeed, Fusion GPS for Defamation Over Dossier
Mr Trump said "we'll see what happens" when asked if he would provide an interview to Mr Mueller's team. The lawyer for Fusion GPS co-founder Glenn Simpson made the revelation after Republican Sen.

49ers LB Reuben Foster arrested on marijuana charge in Alabama
Niners Wire's Chris Biderman shared a picture of Foster's recent arrest photo, which states the charge and a bond of $2,500. He then failed a mandatory drug test, which came back as dilute and, per league rules, had to be treated as positive.

This is What Meghan Markle's First Wedding Dress Looked Like
Taking to Twitter, Samantha wrote: 'Actually she has a large family who were always there with her and for her. However, now that the royal wedding preparations are underway, Samantha is begging Meghan for forgiveness .

Texas A&M Knocks Lady Vols From Unbeaten Ranks
The run was led by Chennedy Carter's hot hand, but the freshman eventually cooled off and the Ags couldn't hold onto their lead. Following Williams's free throws that put the Aggies on top by one, Tennessee had seven seconds for one final chance.

London Mayor Sadiq Khan: 'Donald Trump Is Not Welcome Here'
In November, Ms May directly criticised Mr Trump's decision to retweet material from the far-right extremist group, Britain First. First off, the decision to move the embassy was made under President George W.

Jai Simha movie review and rating by audience
Previously, Actor tasted blockbuster with period drama Gautamiputra Satakarni in 2017. It is wonderful action drama for the family entertainment on the eve of Sankranti.

Has $13.02 Million Holdings in Interpublic Group of Companies Inc (NYSE:IPG)
Staying on top of longer-term price action may help provide investors with a wider range of reference when doing stock analysis. The Fenimore Asset Management Inc holds 2.58 million shares with $53.72 million value, up from 2.56 million last quarter.

Analysts Set Royal Caribbean Cruises Ltd (RCL) Target Price at $127.84
New York State Common Retirement Fund holds 0.09% of its portfolio in Royal Caribbean Cruises Ltd . (NYSE:RCL) for 568,258 shares. The company reported $1.23 earnings per share for the quarter, beating the Thomson Reuters' consensus estimate of $1.21 by $0.02.