The Electronic Frontier Foundation points out the security issues of Intel's CPU


ByChris Potter

IntelReported that CPUs that appeared in the past 10 years are vulnerable to being remotely controlledHowever, in this case, the Electronic Frontier Foundation (EFF) pointed out that there is a problem with the small computer "Management Engine" included in the Intel CPU in which these vulnerable systems are installed, and the fundamental We want Intel to solve the Management Engine.

Intel's Management Engine is a security hazard, and users need a way to disable it | Electronic Frontier Foundation
https://www.eff.org/deeplinks/2017/05/intels-management-engine-security-hazard-and-users-need-way-disable-it

Intel announced on 1 May 2017, "Intel Active Management Technology (AMT)", "Intel Small Business Technology (SMT)", "Intel Standard Manageability (ISM)", etc. An attacker remotely equivalent to a machine administrator We reported that there is a vulnerability to obtain the authority of. The affected CPU is widely ranging from the 1st generation to the 7th generation of the "Core i series", and the security urgency is "Critical". For details, read the following article and you will understand it well.

Intel's urgent patch will be released for remotely operated vulnerabilities in CPUs that appeared in the last decade - GIGAZINE


Intel has released an urgent patch as a countermeasure, as well as a list of firmware updates of OEM manufacturers. Although Intel says, "These vulnerabilities do not affect general PCs," some business PCs and workstations are equipped with these systems, and vulnerability affects An analysis tool that can check whether or not is also made public.

Download INTEL-SA-00075 Detection Guide
https://downloadcenter.intel.com/download/26755


AMT, one of the above vulnerabilities, is a management function for system administrators to remotely control the machines used by organizations and employees. Although AMT is shipped with it installed in "Management Engine (ME)" installed in many Intel chips, ME is not able to be managed by user side. Although the ME is also included in the Intel chip of Mac, since AMT is not installed, it is limited to Windows machines only.

EFF tells users of affected machines that "ME cleanerTo invalidate the ME using the "Recommendation" is recommended. However, because there is a possibility that some hardware may become unusable by this tool, EFF requires Intel to reveal the countermeasure again.

in Software,   Hardware,   Security, Posted by darkhorse_log