INTEL HAS ISSUED A FIX for a ten-year-old problem with its Active Management Technology (AMT) business tools that would have allowed an attacker to bypass an admin password field and get their kicks from hacking the guts out of something.
Now that Intel has issued its fix, an insecurity firm called Embedi has stepped forward with its hand up to tell us that it discovered the vulnerability in February and told Intel about it in March.
"The Intel AMT vulnerability is the first of its kind. The exploitation allows an attacker to get full control over a business computers, even if they are turned off (but still plugged into an outlet). We really hope by bringing this to light, it will raise awareness about security issues in firmware and avoid possible issues in the future," says Embedi in it's too hot to miss promo for the exciting whitepaper that discusses the issue.
"By nature, the Intel AMT exploitation bypasses authentication. In other words, an attacker may now credentials and still be able to use the Intel AMT functionality," it adds. "Access to ports 16992/16993 are the only requirement to perform a successful attack."
The whitepaper is brief at five pages and explains that the firm picked apart the APT and eventually found an admin account worth molesting. Then it found what was eventually dubbed a critical vulnerability, a password field could be bypassed, and all sorts of problems like external control and access to data and documents given a direct line.
Intel issued its patch last week, affected companies including Intel and HP have also issued guidance.
"The security and confidence of the people and businesses who use Intel products and technologies are paramount to us, and we are doing everything we can to address the situation as quickly as possible," explained Intel.
"We have implemented and validated a firmware update to address the problem and we are collaborating with computer-makers to facilitate a rapid and smooth integration with their software. We expect computer-makers to make updates available beginning the week of May 8 and continuing thereafter." µ
C3-PO, R2-D2, BB-8 and other Androids
Helpful cyber vigilante gets short changed by customer services
...you know, now it's less confusing...
Firm will no longer provide updates for its first Android mobe