One of the world's largest semiconductor chip makers, Intel, has come under fire after the company had sold workstations and server chips with a vulnerability that could give an attacker absolute control over the machine.
The bug has affected Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), and Intel Small Business Technology firmware versions 6.x to 11.6. If this bug was exploited, then the attacker could have unfettered access to the targeted machine.
AMT allows an authorized users to remotely manage a machine. It requires an authorized user password, but this vulnerability skips this process, and give the keys to any user with a copy of Metasploit.
However, this bug remained undetected for almost nine years, and the company has been selling vulnerable chips in the market for almost a decade. So, no one can decide how many computers are at risk, there must be hundreds of millions of devices.
Charlie Demerjian, wrote on blog SemiAccurate said, “the short version is that every Intel platform with AMT, ISM, and SBT from Nehalem in 2008 to Kaby Lake in 2017 has a remotely exploitable security hole.”
He added, “even if your machine doesn’t have SMT, ISM, or SBT provisioned, it is still vulnerable, just not over the network.”
The Intel has released a firmware update.
The bug has affected Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), and Intel Small Business Technology firmware versions 6.x to 11.6. If this bug was exploited, then the attacker could have unfettered access to the targeted machine.
AMT allows an authorized users to remotely manage a machine. It requires an authorized user password, but this vulnerability skips this process, and give the keys to any user with a copy of Metasploit.
However, this bug remained undetected for almost nine years, and the company has been selling vulnerable chips in the market for almost a decade. So, no one can decide how many computers are at risk, there must be hundreds of millions of devices.
Charlie Demerjian, wrote on blog SemiAccurate said, “the short version is that every Intel platform with AMT, ISM, and SBT from Nehalem in 2008 to Kaby Lake in 2017 has a remotely exploitable security hole.”
He added, “even if your machine doesn’t have SMT, ISM, or SBT provisioned, it is still vulnerable, just not over the network.”
The Intel has released a firmware update.