Security researchers have found a prime security hole in Intel processor and Intel management engine that hits the CPU hard. This could enable hackers to access corporate laptops remotely, as reported by Finnish cybersecurity firm specialist F-Secure. As stated by F-Secure that the security flaw in Intel AMT had nothing to do with Meltdown vulnerabilities and Spectre which are found in the microchips that are mostly used in all computers, tablets, and smartphones today.
The Intel Active Management Technology is sketched, to allow the access of the administrators to update PCs even when the PCs are turned off. It just needs an internet connection and wall socket so that it can be updated, but this also risks the security as hackers can gain access to the entire machine.
The issue is within the Intel Active Management Technology (AMT). “Which is commonly found in most corporate laptops, allows an attacker to take complete control over a user’s device in a matter of seconds”- F-Secure. As the firm says that the issue will affect millions of laptops globally. “A successful attack would lead to complete loss of confidentiality, integrity, and availability” as said by F-Secure.
Sintonen, F-Secure expert said that the organization needs to set a strong password or disable AMT completely if possible because once inside the AMT, the attacker can log in by putting new password or configuring AMT to subdue notifications so that the attacker can have access to the entire system and also prevent the users from knowing what’s happening.
Intel appreciates the fact that the experts were highlighting the issue. “ we issued guidance on best configuration practices in 2015 and updated it in November 2017, and strongly urge original equipment manufacturers (OEMs) to configure their systems to maximize security” told Intel spokesman to AFP.