Hardware security bug: Difference between revisions

==Firmware==
Several weaknesses have been found in the code for the [[Intel Management Engine]] (ME), a processor that operates independently and in the background on Intel motherboard chipsets. On May 1, 2017, Intel confirmed a Remote Elevation of Privilege bug (SA-00075) in its Management Technology.<ref name="intelmay">{{cite web|url=https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00075&languageid=en-fr |title=Intel® Product Security Center |website=Security-center.intel.com |date= |accessdate=2017-05-07}}</ref> Every Intel platform with provisioned Intel Standard Manageability, Active Management Technology, or Small Business Technology, from [[Intel Nehalem|Nehalem]] in 2008 to [[Intel Kaby Lake|Kaby Lake]] in 2017, has a remotely exploitable security hole in the ME.<ref>{{cite web|author=Charlie Demerjian |url=https://semiaccurate.com/2017/05/01/remote-security-exploit-2008-intel-platforms/ |title=Remote security exploit in all 2008+ Intel platforms |publisher=SemiAccurate |date=2017-05-01 |accessdate=2017-05-07}}</ref><ref name="reg-2017-05-01">{{cite web|url=https://www.theregister.co.uk/2017/05/01/intel_amt_me_vulnerability/ |title=Red alert! Intel patches remote execution hole that's been hidden in chips since 2010 |website=Theregister.co.uk |accessdate=2017-05-07}}</ref> Several ways to disable the ME without authorization, which could allow the ME's functions to be sabotaged, have been found.<ref>{{cite web |last1=Alaoui |first1=Youness |date=October 19, 2017 |title=Deep dive into Intel Management Engine disablement |url=https://puri.sm/posts/deep-dive-into-intel-me-disablement/ }}</ref><ref>{{cite web |last1=Alaoui |first1=Youness |date=March 9, 2017 |title=Neutralizing the Intel Management Engine on Librem Laptops |url=https://puri.sm/posts/neutralizing-intel-management-engine-on-librem-laptops/}}</ref><ref name=ptsecurity1>{{cite web|url=http://blog.ptsecurity.com/2017/08/disabling-intel-me.html |title=Positive Technologies Blog: Disabling Intel ME 11 via undocumented mode |accessdate=2017-08-30 |df= }}</ref> Additional major security flaws in the ME, affecting a very large number of computers incorporating ME, Trusted Execution Engine (TXE), and Server Platform Services (SPS) firmware, from [[Intel Skylake|Skylake]] in 2015 to [[Coffee Lake]] in 2017, were confirmed by Intel on 20 November 2017 (SA-00086).<ref name=extreme1>{{cite web|url=https://www.extremetech.com/computing/259426-intel-patches-major-flaws-intel-management-engine|title=Intel Patches Major Flaws in the Intel Management Engine|publisher=Extreme Tech}}</ref> Unlike SA-00075, this bug is present even if AMT is absent or not provisioned, or if the ME was "disabled" by any of the known unofficial methods.<ref>https://www.theregister.co.uk/2017/12/06/intel_management_engine_pwned_by_buffer_overflow/</ref> In July 2018 another set of vulnerabilities was disclosed (SA-00112).<ref name=SA-00112>https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00112.html</ref> In September 2018, yet another vulnerability was published (SA-00125).<ref>https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00125.html</ref>
 
== See also ==