Intel has finally acknowledged that its server platform services, Intel Management Engine (IME) and Trusted Execution Engine have security flaws. Security researchers have long been warning about the Intel processor flaw in the remote administration stating that though the platform is useful for IT managers, it is vulnerable to hacks as well.
Intel processor flaw – how fatal it is?
Intel discovered the vulnerabilities after it carried out a security audit, following the research. The chipmaker also came up with a Detection Tool to allow Windows and Linux administrators to check to see if their systems are vulnerable also.
“Based on the items identified through the comprehensive security review, an attacker could gain unauthorized access to the platform, Intel ME feature, and third-party secrets protected by the ME, Server Platform Service (SPS), or Trusted Execution Engine (TXE),” Intel said on Monday.
The Intel Management Engine consists of its own CPU and operating system, an x86 Quark core and MINIX that manages the machine entirely. The Management Engine is also capable of letting the network administrator access the server or workstation remotely, and do the necessary fixes, reinstall the operating system, control the desktop and so on.
For PC users and their OS, the IME is completely transparent, and operates on a lower level so users have no way to detect that the IME of their system is compromised. Use of the open-source Minix embedded operating system for IME functions can be partially blamed for this Intel processor flaw, according to Gadgets360. Intel has been using the same setup since the Skylake generation.
The scary part of the whole story is that the IME cannot be removed entirely as it is a physical component installed in the computer’s CPU. IME’s firmware, however, can be switched out, notes TheNextWeb.
How it can be fixed?
Security research firm, Positive Technologies, will talk about the findings at the annual Black Hat Europe conference, which starts on Dec. 4. The company stated that the researchers are able to introduce any code and execute it because of the design decision that links the IME to a PC’s USB subsystem for debugging mechanism. Positive Technologies refers to the vulnerability as a “God-Mode” hack because of the power it can give to the hacker.
There are companies that do not rely any more on the IME. For instance, Purism, the laptop manufacturing company, sells their system without the IME. Speaking to TheNextWeb, Purism co-founder and CEO Todd Weaver, said it has now become clear that Intel’s ME is a risky bet. Weaver also stated that having access to any Intel machine could mean attackers or criminals can access and have complete control.
“The Intel ME, long theorized to be the scariest of threats is no longer just theory,” Weaver said.
Intel has released the list of firmware updates, and has stated that the customer should contact their vendors to get these updates. The chipmaker also stated that system administrators, businesses and system owners who have the computers or devices fitted with the Intel products should contact their vendors. According to Wired, so far only Lenovo is offering the updates.