Intel CPUs vulnerable to security tampering, company admits

By Hardik Singh | Published on 22 Nov 2017
Intel CPUs vulnerable to security tampering, company admits
HIGHLIGHTS

If you have a 6th, 7th or 8th gen Intel CPU on your office PC, then your PC is vulnerable to security issues.

Advertisements

Looking for a simpler way to upgrade your applications?

IBM helps you develop and modernize all your applications with Java open systems. Get all the tools, guidance and training that is required to speed up development.

Click here to know more

Intel chips have a remote management chip separate from the main CPU which allows IT managers to monitor, maintain, update, upgrade, and repair access remotely, among other things. Security researchers have found out that these chips available on Intel’s wide variety of products ranging from office machines, servers to even IOTs have security flaws. If exploited, this management engine can provide the attackers even full control over the system, in worst case scenario. On Monday, the company released a security advisory on the same and even published a detection tool for administrators. The tool is available for Windows and Linux machines.

The IME aka Intel Management Engine is like a subsystem on the chipset running alongside the main CPU and runs on MINIX otherwise known as mini-Unix code. The management engine (ME) has network access, memory access, access to the host operating system and even the cryptography engine. The worst part is that the ME can continue to work even if the system is turned off, although it should be connected to power.

Many security firms raised serious security concerns on its deployment six years ago when it was first introduced, and since then various security firms have been trying to find vulnerabilities. For the paranoid though, there are even methods available online on how to disable the ME.

The ME vulnerability affects the following Intel CPUs:

  • Intel’s 6th gen (Skylake), 7th gen (Kaby Lake) and 8th gen (Kaby Lake) processors.
  • Most laptops launched using Intel chips launched since 2015
  • Intel Xeon Processor E3-1200 v5 & v6 Product Family, Xeon W family and Xeon scalable family
  • Intel Atom C3000 processor family, Apollo lake E3900 series and Apollo Lake Pentium processors
  • Intel Celeron N and J series processors

Almost all major laptop and PC hardware makers have started releasing security updates to resolve the issue and you can go to Intel’s website or your motherboard/laptop manufacturers to get the update. Intel states that Consumer PCs with consumer firmware and Data centre PCs using Intel Server platform services are not affected by this vulnerability.

logo
Hardik Singh

Light at the top, this odd looking creature lives under the heavy medication of video games.

Digit caters to the largest community of tech buyers, users and enthusiasts in India. The all new Digit in continues the legacy of Thinkdigit.com as one of the largest portals in India committed to technology users and buyers. Digit is also one of the most trusted names when it comes to technology reviews and buying advice and is home to the Digit Test Lab, India's most proficient center for testing and reviewing technology products.

We are about leadership-the 9.9 kind! Building a leading media company out of India.And,grooming new leaders for this promising industry.

DMCA.com Protection Status