• Hosted by Branzone
  • PayPal Donate

Remote security exploit in all 2008+ Intel platforms

Submitted by: Odio @ 05:13 PM | Monday, May 1, 2017 | (url: https://semiaccur...)

The short version is that every Intel platform with AMT, ISM, and SBT from Nehalem in 2008 to Kaby Lake in 2017 has a remotely exploitable security hole in the ME (Management Engine) not CPU firmware. If this isnt scary enough news, even if your machine doesnt have SMT, ISM, or SBT provisioned, it is still vulnerable, just not over the network. For the moment. From what SemiAccurate gathers, there is literally no Intel box made in the last 9+ years that isnt at risk. This is somewhere between nightmarish and apocalyptic.

First a little bit of background. SemiAccurate has known about this vulnerability for literally years now, it came up in research we were doing on hardware backdoors over five years ago. What we found was scary on a level that literally kept us up at night. For obvious reasons we couldnt publish what we found out but we took every opportunity to beg anyone who could even tangentially influence the right people to do something about this security problem. SemiAccurate explained the problem to literally dozens of right people to seemingly no avail. We also strongly hinted that it existed at every chance we had.

Various Intel representatives over the years took my words seriously, told me I was crazy, denied that the problem could exist, and even gave SemiAccurate rather farcical technical reasons why their position wasnt wrong. Or dangerous. In return we smiled politely, argued technically, and sometimes, usually actually, were not so polite about our viewpoint. Unfortunately it all seems to have been for naught.

Category: Technology | 22 Comments
Tags: intel

05-01-17 - 05:14 PM
Intel Product Security Center


There is an escalation of privilege vulnerability in Intel® Active Management Technology (AMT), Intel® Standard Manageability (ISM), and Intel® Small Business Technology versions firmware versions 6.x, 7.x, 8.x 9.x, 10.x, 11.0, 11.5, and 11.6 that can allow an unprivileged attacker to gain control of the manageability features provided by these products. This vulnerability does not exist on Intel-based consumer PCs.
05-01-17 - 05:40 PM
DOS 5.1 for LYFE !!!
05-01-17 - 06:33 PM
I can't understand that shit.. would you say it is time to panic?
05-01-17 - 06:35 PM
The short version is


and ps

:fu:
05-01-17 - 06:49 PM
odds are most home systems dont have AMT/ISM/SBT enabled (or even support it) so most ppl here prob dont have to worry

servers tho, ugh
05-01-17 - 07:34 PM
hardware security is complete ass and research to change that didn't start until the last five years or so. random teardowns and checking for unexpected behavior is about the extent of it.

still expecting to find out one day that someone snuck a bug into the verilog compiler or an east asian foundry has been throwing in something a little extra. stuff like that has so far been limited to stealing IP and accusations thrown around of state actors using it to sabotage syria's air defense, north korean missiles, and the like.
05-01-17 - 07:53 PM
05-01-17 - 07:59 PM
and some less sensationalized analysis

mjg59 | Intel's remote AMT vulnerablity
05-01-17 - 08:24 PM
Oh no - someone might see my porn history or my old tribes screenshots.

Apocalyptic
05-01-17 - 08:38 PM
What if there is a database where you can type in your cpus serial number and it will pull up a .txt with everything ever typed on the computer it was in?
05-01-17 - 08:56 PM
what if an alien came down and shit on your head
05-01-17 - 09:04 PM
Originally posted by motoxbudd  
what if an alien came down and shit on your head
05-01-17 - 09:52 PM
what the fuck does all this mean?
05-02-17 - 01:50 AM
odio level 5 super computer master
05-02-17 - 02:17 AM

wait was odio the guy pushing hard for the ryzen cpus. i forget. if so it's almost like he has a narrative
Login to comment.