Announce that security researchers will announce at Black Hat Europe 2017 how to discover Intel ME's vulnerability and invalidate protection system

"Intel Management Engine (Intel ME)" is a microcontroller built into the motherboard chipset that controls peripheral devices and is responsible for almost all communication between CPU and external devices. For this reason, Intel ME has the feature that it can access almost all data on the computer. A demo on Intel ME hack, which should also be called "God mode", is a security event "Black Hat Europe 2017It is announced that it will be announced in.

How to Hack a Turned-Off Computer, or Running Unsigned Code in Intel Management Engine - Black Hat Europe 2017 | Briefings Schedule

Mr. Mark Elmorov of Mr. Positive Technologies security researcher and Mr. Mashikim Golkie who is planning to demonstrate hacking on Intel ME. Positive Technologies already reported that it discovered the Intel ME invalidation method in August 2017, also released a utility tool for invalidation on GitHub, and the security problem concerning Intel ME is apparent several times over Although it was revealing the intention to make it, it will be a subsequent report.

A way to invalidate Intel ME 11 will be released - GIGAZINE

According to Positive Technologies, in the transition to Intel ME 11 which was done in recent years, attention to Intel ME gathers further because subsystem vulnerability was discovered. Positive Technologies says that an attacker could execute unsigned code via the Platform Controller Hub (PCH) microchip on any motherboard since the Intel Skylake series.

Mr. Mark Elmorov and Mr. Mashikim Golkie show how the vulnerability of Intel ME was discovered in Black Hat Europe 2017 to be held in London from December 4, 2017, how it was incorporated into the system I will explain whether I could bypass the protection mechanism.

in Software,   Security, Posted by darkhorse_log