Critical Flaw Found in Intel Processors May Surrender Complete Control of Laptop

Intel AMT Security Issue Lets Attackers Bypass BIOS and BitLocker Passwords

Coming fast on the heels of Spectre and Meltdown is a security vulnerability in Intel's Active Management Technology (AMT).

F-Secure said Friday it had found a serious flaw in Intel hardware which could enable hackers to access corporate laptops remotely.

"Attackers have identified and located a target they wish to exploit".

Intel AMT is designed to enable remote access monitoring and maintenance of corporate-grade personal computers, and is typically used by IT departments or managed service providers to manage devices. Weaknesses in the tech have been discovered before, but the latest flaw is nonetheless noteworthy because of the ease of exploitation.

The essence of the security issue is that setting a BIOS password, which normally prevents an unauthorized user from booting up the device or making low-level changes to it, does not prevent unauthorized access to the AMT BIOS extension. What the attacker has essentially done here is set up the machine to allow remote access without the user knowing that the computer is being exploited.

The new flaw targets laptops, especially those powered by Intel's enterprise-focused vPro processors, and exploits the remote access monitoring and maintenance tools provided by AMT to gain total control over the machine.

The attackers can then log into Intel Management Engine BIOS Extension using the default "admin" password (most likely never altered) and change it to whatever they wish. Access to the device may also be possible from outside the local network via an attacker-operated CIRA server.

"The security issue is nearly deceptively simple to exploit, but it has incredible destructive potential", said Harry Sintonen, senior security consultant at F-Secure, who investigated the issue after discovering it in mid-2017.

He warned: "It can give an attacker complete control over an individual's work laptop".

Although the initial attack requires physical access to the device, Sintonen explained that the speed with which it can be done makes it relatively exploitable in a so-called "evil maid" scenario. "You leave your laptop in your hotel room while you go out for a drink".

Sintonen said even a minute of distracting a target from their laptop at an airport or coffee shop is enough to enable an attacker to gain access to the target machine.

Intel AMT is a feature of Intel CPUs that allows system administrators of larger networks to perform remote out-of-band management of personal computers in order to monitor, maintain, update, or perform upgrades from afar, without physical access to devices.

Sintonen stumbled upon the issue in July 2017, and notes that another researcher also mentioned it in a more recent talk.

Germany's computer emergency response team, CERT-Bund, had also previously detailed how MEBx could be used to boot to a specially configured USB device, again bypassing the BIOS password.

Technically, this is not a vulnerability, the researchers said, but a combination of a default password, insecure default configuration and unexpected behaviour that affects most, if not all, laptops that support Intel Management Engine or Intel AMT.

According to researchers at F-Secure, "The issue allows a local intruder to backdoor nearly any corporate laptop in a matter of seconds, even if the BIOS password, TPM PIN, BitLocker and login credentials are in place. Since then we have been coordinating with laptop vendors and with Intel", F-Secure spokeswoman Melissa Michael tells ISMG. "Despite there being information available for manufacturers on how to prevent this, manufacturers are still not following best practices, leaving vast numbers of vulnerable laptops out there". However, most users don't set one. "That is why it's important to raise public awareness".

Sintonen recommends that companies configure an AMT password so that attackers cannot boot via MEBx and compromise the system. Otherwise, an unauthorised person with physical access to a computer in which access to MEBx is not restricted, and in which AMT is in factory default, could potentially alter its AMT settings.

When ordering new devices, consider whether to order them without AMT, with AMT disabled by default, or to provision AMT before enrolment. This guidance was updated and reiterated last November. However, many device manufacturers do not follow this advice.
