Intel chips have a remote management chip separate from the main CPU which allows IT managers to monitor, maintain, update, upgrade, and repair access remotely, among other things. Security researchers have found out that these chips available on Intel’s wide variety of products ranging from office machines, servers to even IOTs have security flaws. If exploited, this management engine can provide the attackers even full control over the system, in worst case scenario. On Monday, the company released a security advisory on the same and even published a detection tool for administrators. The tool is available for Windows and Linux machines.
The IME aka Intel Management Engine is like a subsystem on the chipset running alongside the main CPU and runs on MINIX otherwise known as mini-Unix code. The management engine (ME) has network access, memory access, access to the host operating system and even the cryptography engine. The worst part is that the ME can continue to work even if the system is turned off, although it should be connected to power.
Many security firms raised serious security concerns on its deployment six years ago when it was first introduced, and since then various security firms have been trying to find vulnerabilities. For the paranoid though, there are even methods available online on how to disable the ME.
The ME vulnerability affects the following Intel CPUs:
- Intel’s 6th gen (Skylake), 7th gen (Kaby Lake) and 8th gen (Kaby Lake) processors.
- Most laptops launched using Intel chips launched since 2015
- Intel Xeon Processor E3-1200 v5 & v6 Product Family, Xeon W family and Xeon scalable family
- Intel Atom C3000 processor family, Apollo lake E3900 series and Apollo Lake Pentium processors
- Intel Celeron N and J series processors
Almost all major laptop and PC hardware makers have started releasing security updates to resolve the issue and you can go to Intel’s website or your motherboard/laptop manufacturers to get the update. Intel states that Consumer PCs with consumer firmware and Data centre PCs using Intel Server platform services are not affected by this vulnerability.