Security researchers have found a prime security hole in the Intel processor and Intel management engine that hits the CPU hard. This could enable hackers to access corporate laptops remotely, as reported by Finnish cybersecurity firm specialist F-Secure. As stated by F-Secure, the security flaw in Intel AMT had nothing to do with Meltdown vulnerabilities and Spectre, which are found in the microchips that are mostly used in all computers, tablets, and smartphones today.
The Intel Active Management Technology is sketched to allow the access of the administrators to update PCs even when the PCs are turned off. It just needs an internet connection and wall socket so that it can be updated, but this also risks security as hackers can gain access to the entire machine.
The issue is within the Intel Active Management Technology (AMT). “Which is commonly found in most corporate laptops, allows an attacker to take complete control over a user’s device in a matter of seconds”- F-Secure as the firm says that the issue will affect millions of laptops globally. “A successful attack would lead to complete loss of confidentiality, integrity, and availability,” as said by F-Secure.
Sintonen, an F-Secure expert, said that the organization needs to set a strong password or disable AMT completely if possible because once inside the AMT, the attacker can log in by putting a new password or configuring AMT to subdue notifications so that the attacker can have access to the entire system and also prevent the users from knowing what’s happening.
Intel appreciates that the experts highlighted the issue. “ we issued guidance on best configuration practices in 2015 and updated it in November 2017, and strongly urge original equipment manufacturers (OEMs) to configure their systems to maximize security” told Intel spokesman to AFP.