By Jean-Jacques DeLisle, contributing writer
It is a big deal when a major processor chipmaker sends a security advisory stating that millions of its consumer and server processors may have an unintentionally vulnerable hardware function built in. Intel recently announced such a scenario, though the issue is potentially harmless and is to be solved with upcoming firmware updates. Research revealed potential weaknesses in the Management Engine (ME), Server Platform Services (SPS), and Intel’s hardware identification tool, Trusted Execution Engine (TXE).
“This looks bad, but we don’t yet know how easy it will be to exploit these vulnerabilities,” Filippo Valsorda, a cryptography engineer and researcher, told Wired. “It’s a really wide range of machines that are impacted, not just servers. Intel seems worried enough to publish detection tools and do a well-orchestrated release.”
So why is Intel so concerned? The Management Engine is a separate microprocessor within Intel chips, which can be accessed with administrative privileges and operates outside the awareness of the main processors and operating system. The ME exploit may even be a way for hackers to escalate their privileges, thus increasing their ability to manipulate the computer system. Moreover, vulnerabilities in the ME may also allow access to this separate processor when the computer is shut down and power is still available.
“Based on public information, we have no real idea how serious this is yet,” wrote Matthew Garrett, a Google security researcher, via Twitter. “It could be fairly harmless, it could be a giant deal. On reflection, I don’t see many outcomes where this is fairly harmless.”
This could very well be true, as the weaknesses affect nearly every recent Intel processor chip for PCs, servers, and Internet of Things (IoT) devices. Though many of the most common theorized security exploits for these Intel processors likely will require physical access to the machine, there may be ways that administrator access can be used over a network to take advantage of these weaknesses.
Intel appears to be proactive about the threat and has published a detection tool after identifying the issues through an in-depth and comprehensive security review of ME, TXE, and SPS. Intel has also provided the necessary materials for system and motherboard manufacturers to provide software updates to solve the known vulnerabilities. Unfortunately, due to the many Management Engine firmware customizations performed by motherboard and system manufacturers, Intel cannot provide a generic update.
“These updates are available now,” Intel told Wired. “Businesses, system administrators, and system owners using computers or devices that incorporate these Intel products should check with their equipment manufacturers or vendors for updates for their systems and apply any applicable updates as soon as possible.”
Though the proposed updates may solve this current security threat, how many more are lingering undetected by chipset manufacturers?
Systems potentially affected:
● 6th-, 7th-, and 8th-generation Intel Core Processor Family
● Intel Xeon Processor E3-1200 v5 and v6 Product Family
● Intel Xeon Processor Scalable Family
● Intel Xeon Processor W Family
● Intel Atom C3000 Processor Family
● Apollo Lake Intel Atom Processor E3900 series
● Apollo Lake Intel Pentium Processors
● Intel Celeron G, N, and J series Processors
In this age of extreme system complexity, is any computer system completely safe?