Intel has just released a new vulnerability alert that can have an impact the majority of your PC and Server fleet.
Today Intel has admitted that a huge amount of Intel silicon is secretly running code. Code that is buggy and exploitable by attackers and malware, to fully and silently compromise computers.
Intel Management Engine (ME), Server Platform Services (SPS), and Trusted Execution Engine (TXE) are vulnerable to multiple worrying security flaws. This based on the findings of external security experts.
Full technical information can be found here. The firmware-level bugs allow logged-in administrators, and malicious or hijacked high-privilege processes, to run code beneath the operating system. This can be used to spy on or meddle with the computer completely out of sight of other users and admins. Any holes can also be exploited by network administrators, or those masquerading as admins, to remotely infect machines with spyware and invisible rootkits.
Meanwhile, logged-in users, or malicious or commandeered applications, can leverage the security weaknesses. Then can extract confidential and protected information from the computer’s memory, potentially giving miscreants sensitive data. Passwords or cryptographic keys can then be used to kick off other attacks. This is especially bad news on servers and other shared machines. (Full Article).
Intel have been proactive in releasing code. But the ultimate solution is for each of the hardware vendors (Dell, HP, Lenovo, and etc.) to release BIOS updates. BlueScale are waiting for this information for all PC models we support. We will contact our clients as soon as we know they are available and schedule a rollout plan to update the affected systems. Meanwhile, we will apply port security on our clients’ firewalls to block the ports that the Intel AMT system uses. This will stop potential attacks across their networks. This is not a 100% solution, but it mitigates the risk until the real BIOS fixes can be deployed ASAP.
If you have any questions or concerns please feel free to contact us for more information.