As the world’s number two supplier of microchips and processors, Intel products feature in millions of PCs and servers all over the globe. It is therefore no laughing matter to discover that malicious actors can use long-standing vulnerabilities in Intel’s Trusted Execution Engines, Management Engines and Server Platform Services firmware to skirt round security measures such as anti-virus software. They can then gain privileged access to devices; allowing them to eavesdrop, give themselves elevated privileges, run arbitrary code and even take systems down.
As far back as 2012, researchers identified potential backdoor problems in Intel’s Active Management Technology, and have been voicing concerns ever since. After a tip-off from security adviser Positive Technologies earlier this year, Intel has at last issued patches to rectify the problems in its eight affected CPUs. It requires immediate action and is deemed critical enough for researchers to have stated that if no patch is available for a particular system, companies will have to retire or upgrade in order to ensure their system security.
Users are urged to apply the updates as rapidly as possible, as they are the only antidote to these vulnerabilities.
Read more, including technical specifications of vulnerabilities and recommended course of action, at https://threatpost.com/intel-patches-cpu-bugs-impacting-millions-of-pcs-servers/128962/