Critical vulnerabilities in Intel processors

in #security9 years ago

In a posts two weeks ago, I mentioned that Intel processors have a hidden operating system to which the user doesn't have access.

intel4.jpg
kaleidoscope source

We didn't have to wait long to find the first security holes. Intel certified 11 serious bugs this week that are in millions of processors around the world.
Well, Intel did it only after Maxim Goryachy and Mark Ermolov of Positive Technologies discovered a critical vulnerability in ME (Management Engine) in the processors. Full access to your computer can be obtained through ME. Even if the computer is turned off but connected, ME can run because it uses a special microprocessor.

int2.jpg
kaleidoscope source

As I noted, Google found that ME is running on a modified version of MINIX, which even has a web server and IP support (IP stack), so they wrote their own firmware that runs on Linux and doesn't have that.

Intel quickly prepared the tool to check if the processor contains any of the vulnerabilities found. The only good news is that for now, it looks like an attack requires local access or an existing presence in the network or administrator privileges.

There's no evidence that vulnerabilities are being exploited already but millions of computers are potentially at risk.

More security news:
Did you know that you have more than one operating system on your computer?
Android Oreo Bug
Encryption History
Cryptocomic
Encryption Technology
The Internet Of Ransomware Things
Who is Spying on You? And How to Stop Them?

logosecko.gif
@seckorama

#computers #technology #busy #teamslovenia
9 years ago in #security by
$5.23
  • Past Payouts $5.23
  • - Author $4.47
  • - Curators $0.76
71 votes
Reply 9
Sort:  
  • Trending
    • [-]
     9 years ago 

    This post received a 100% upvote from @morwhale team thanks to @seckorama! For more information, click here! , TeamMorocco! .

    [-]
     9 years ago 

    Calling @originalworks :)
    img credz: pixabay.com
    Nice, you got a 32.0% @aqibwarsi upgoat, thanks to @seckorama
    It consists of $2.12 vote and $0.51 curation
    Want a boost? Minnowbooster's got your back!

    $0.00
      Reply
      [-]
       9 years ago 

      The @OriginalWorks bot has determined this post by @seckorama to be original material and upvoted(1.5%) it!

      ezgif.com-resize.gif

      To call @OriginalWorks, simply reply to any post with @originalworks or !originalworks in your message!

      $0.00
        Reply
        [-]
         9 years ago 

        This post has received a 0.80 % upvote from @booster thanks to: @seckorama.

        $0.00
          Reply
          [-]
           9 years ago 

          Resteemed by @resteembot! Good Luck!
          Curious?
          The @resteembot's introduction post
          The @reblogger's introduction post
          Get more from @resteembot with the #resteembotsentme initiative
          Check out the great posts I already resteemed.

          $0.00
            Reply
            [-]
             9 years ago 

            Resteemed by @resteembot! Good Luck!
            Curious?
            The @resteembot's introduction post
            The @reblogger's introduction post
            Get more from @resteembot with the #resteembotsentme initiative
            Check out the great posts I already resteemed.

            $0.00
              Reply
              [-]
               9 years ago 

              omg that gif!! LMAO!!! XD omg... I run an old version of intel, am I still vulnerable? does having a strong password for my windows 7 prevents an attack?

              $0.00
                Reply
                [-]
                 9 years ago (edited)

                Not sure that strong passwords could prevent this type of attack... probably not?

                $0.00
                  Reply

                  Coin Marketplace

                  STEEM 0.05
                  TRX 0.33
                  JST 0.079
                  BTC 63481.02
                  ETH 1684.55
                  USDT 1.00
                  SBD 0.42