Coming fast on the heels of Spectre and Meltdown is a security vulnerability in Intel's Active Management Technology (AMT).
F-Secure said Friday it had found a serious flaw in Intel hardware which could enable hackers to access corporate laptops remotely.
"Attackers have identified and located a target they wish to exploit".
Intel AMT is created to enable remote access monitoring and maintenance of corporate-grade personal computers, and is typically used by IT departments or managed service providers to manage devices. Weaknesses in the tech have been discovered before (examples here and here) but the latest flaw is nonetheless noteworthy because of the ease of exploitation.
The essence of the security issue is that setting a BIOS password, which normally prevents an unauthorized user from booting up the device or making low-level changes to it, does not prevent unauthorized access to the AMT BIOS extension. What he has essentially done here is set up the machine to allow remote access without the user's knowledge that the computer is being exploited.
The new flaw targets laptops, especially those powered by Intel's enterprise-focused vPro processors, and exploits the remote access monitoring and maintenance tools provided by AMT to gain total control over the machine.
The attackers can then log into Intel Management Engine BIOS Extension using the default "admin" password (most likely never altered) and change it to whatever they wish. Access to the device may also be possible from outside the local network via an attacker-operated CIRA server.
"The security issue is nearly deceptively simple to exploit, but it has incredible destructive potential", said Harry Sintonen, senior security consultant at F-Secure, who investigated the issue after discovering it in mid-2017.
He warned: "It can give an attacker complete control over an individual's work laptop".
Former Klan Leader Dies In Prison
Chaney, Schwerner and Goodman were shot on a rural road near Killen's home and then buried 15 feet deep in an earthen dam. The jury was unable to agree on a verdict for Killen with the hold-out juror saying she could never convict a preacher.
Although the initial attack requires physical access to the device, Sintonen explained that the speed with which it can be done makes it relatively exploitable in a so-called "evil maid" scenario. "You leave your laptop in your hotel room while you go out for a drink".
Sintonen said even a minute of distracting a target from their laptop at an airport or coffee shop is enough to enable an attacker to gain access to the target machine.
Intel AMT is a feature of Intel CPUs that allows system administrators of larger networks to perform remote out-of-band management of personal computers in order to monitor, maintain, update, or perform upgrades from afar, without physical access to devices.
Sintonen stumbled upon the issue in July 2017, and notes that another researcher* also mentioned it in a more recent talk.
Germany's computer emergency response team, CERT-Bund, had also previously detailed how MEBx could be used to boot to a specially configured USB device, again bypassing the BIOS password.
Technically, this is not a vulnerability, the researchers said, but a combination of a default password, insecure default configuration and unexpected behaviour that affects most, if not all, laptops that support Intel Management Engine or Intel AMT.
According to researchers at F-Secure, "The issue allows a local intruder to backdoor nearly any corporate laptop in a matter of seconds, even if the BIOS password, TPM Pin, Bitlocker and login credentials are in place. Since then we have been coordinating with laptop vendors and with Intel", F-Secure spokeswoman Melissa Michael tells ISMG. "Despite there being information available for manufacturers on how to prevent this, manufacturers are still not following best practices, leaving vast numbers of vulnerable laptops out there". However, most users don't set one. "That is why it's important to raise public awareness".
Sintonen recommends that companies configure an AMT password so attackers wouldn't be able to boot via MEBx and compromise the system. As a result, an unauthorised person with physical access to a computer in which access to MEBx is not restricted, and in which AMT is in factory default, could potentially alter its AMT settings.
When ordering new devices, consider whether to order them without AMT, AMT disabled by default, or to provision AMT before enrolment. This guidance (PDF) was updated and reiterated last November. However, many device manufacturers do not follow this advice.
Rarely have so many top players begun the season either carrying injuries or taking the early steps back from lengthy absences. Although she will play no part at Melbourne Park over the next two weeks, Williams' sparkling record can not be ignored.
NXP Semiconductors accounts for 3.9% of Lathrop Investment Management Corp's holdings, making the stock its 12th largest position. Claus Moller increased its stake in Broadsoft Inc (BSFT) by 59.11% based on its latest 2017Q3 regulatory filing with the SEC.
The Florida House has overwhelmingly approved a ban against sanctuary policies. "Let's talk about the rule of law". "Do your duty. It would impose fines of up to $5,000 a day on local governments that refuse to cooperate with immigration detainers.
The president gets little physical exercise and uses a cart during his frequent golf outings. "It's a very sad situation". She said that if it were up to her, she would insist on a much more comprehensive exam for Trump .
Chinese e-taxi giant Didi Chuxing has confirmed earlier reports that it's acquiring leading Brazilian ride-hailing company 99. Didi, the world's biggest ride-hailing company, has a history of battling Uber, forcing it to pull out of China.
The path of the Senate Judiciary Committee is uncertain as Feinstein and Grassley have disagreed on the focus of the probe. Republicans have indicated they want to wrap up the investigation in the first part of 2018. "Those Democrats, Sen.
It was very important for her because it would be the first time people heard from her in any detail about the Me Too movement . King, who attended the awards ceremony alongside Winfrey and Graham , said being in the room was 'electrifying'.
Following a brief teaser during an National Football League playoffs commercial last weekend (Jan. 7), Carrie Underwood shared a new anthemic jam " The Champion ", which features rap veteran Ludacris .
While chatting in the the auto , Franco surprised her by suddenly taking his penis out, she said, and putting her hand on it. Hilary Dusome and Natalie Chmiel , former students of Franco's at Playhouse West in North Hollywood, told the L.A.
For months past year , Ashley had to use a wheelchair after hitting her head during a particularly bad seizure. Her parents say it treats the epilepsy she developed after undergoing chemotherapy for leukemia.
Commenting on the White House meeting , Graham said on Friday that diversity had always been the United States' strength. His administration is expected to challenge the decision while Congress negotiates a bill for the Dreamers.
What a Rare Snow in the Sahara Looks Like From Space
Before that snow was last seen in Ain Sefra on February 18, 1979, when the snow storm lasted just half an hour. While snow is historically scant in the desert area, a similar snow phenomenon happened just previous year .
Investors Buy UnitedHealth Group (UNH) on Weakness
It is negative, as 46 investors sold MRK shares while 619 reduced holdings. 118 funds opened positions while 525 raised stakes. ValuEngine lowered UnitedHealth Group from a "buy" rating to a "hold" rating in a research report on Thursday, December 7th.
Could The Vikings Be Set To Win Their First Ever Super Bowl?
Mariota was consistently on the big stage in college, and he looked prepared for the intensity that came with postseason play. The Wentz-less Birds will have a tough task this Saturday, as the Falcons are one of the hottest teams around the league.
Supreme Court to hear online sales tax case
Perez , which claim that Texas' congressional and state legislative districts were drawn to dilute Hispanic voters' influence. The case is expected to draw a long list of supporters and opponents of South Dakota's challenge.