Critical Flaw Found in Intel Processors May Surrender Complete Control of Laptop

Attendees examine a display at the Intel booth during CES 2018 at the Las Vegas Convention Center on 9 January 2018 in Las Vegas Nevada. AFP

This security issue, F-Secure said, is that setting a BIOS password - which prevents changes being made by unauthorised users - can be tampered with to "make remote exploitation possible".

Most security experts scoff at the idea of attacks requiring "physical access" to perform and often demean their importance of such issues compared to other security bugs. "The issue potentially affects millions of laptops globally".

However, F-Secure believes that the "pure simplicity of exploiting this particular issue sets it apart from previous instances", warning: "The weakness can be exploited in mere seconds without a single line of code".

The essence of the security issue is that setting a BIOS password, which normally prevents an unauthorized user from booting up the device or making low-level changes to it, does not prevent unauthorized access to the AMT BIOS extension.

Intel AMT is the software that sits on top of the Intel Management Engine (ME) and is supposed to allow IT administrators to gain out-of-band remote access to computers in a network.

The setup is simple: an attacker starts by rebooting the target's machine, after which they enter the boot menu. By selecting Intel's Management Engine BIOS Extension (MEBx), they can log in using the default password "admin", as this hasn't most likely been changed by the user. He continues, "Now the attacker can gain access to the system remotely, as long as they're able to insert themselves onto the same network segment with the victim (enabling wireless access requires a few extra steps)".

"The security issue is nearly deceptively simple to exploit, but it has incredible destructive potential", said Harry Sintonen, senior security consultant at F-Secure, who investigated the issue after discovering it in mid-2017. "In practice, it can give a local attacker complete control over an individual's work laptop, despite even the most extensive security measures".

Sintonen claimed in the release that the speed in which the attack can be carried out makes it easily exploitable in a so-called "evil maid" scenario, adding that even a minute of distracting a target from their laptop - at an airport or coffee shop for example - is enough to do the damage. The attacker breaks into your room and configures your laptop in less than a minute, and now he or she can access your desktop when you use your laptop on the hotel (wireless system). This allows the attacker to control the machine remotely afterwards, as well as access the machine's network.

Carillion lines up standby administrator as crunch talks continue
A meeting with The Pensions Regulator is reportedly taking place on Friday to shore up the future of its pension scheme. Trade unions have urged ministers to step in to protect the 19,500 jobs across Britain that are now at risk.

PPL Corp (PPL) Position Increased by Hexavest Inc
It worsened, as 37 investors sold PPL shares while 222 reduced holdings. 76 funds opened positions while 178 raised stakes. The investor is now holding $14.25 million shares due in part to a decrease of 1.96 million new shares in their portfolio.

Liverpool linked with Mahrez move
But former Anfield striker Owen is not convinced Mahrez has the right attributes for Liverpool - or where he would fit in. Steve Nicol believes that Leicester City star Riyad Mahrez would be "absolutely fantastic" at Liverpool.

F-Secure's Sintonen, however, wasn't the only security researcher to unearth the problem.

Germany's computer emergency response team, CERT-Bund, had also previously detailed how MEBx could be used to boot to a specially configured USB device, again bypassing the BIOS password.

F-Secure said it is highlighting the issue to raise awareness so that organisations can mitigate the problem and improve security in the real world.

Responding to F-Secure's research, Intel has confirmed the flaw and issued mitigation advice. However, most users don't set one. "That is why it's important to raise public awareness".

"Intel has provided recommendations to system manufacturers in September 2015 to protect the Intel MEBx with the system BIOS password", it says.

Intel AMT is shipped in various states (enabled or disabled by default) depending on the laptop/desktop OEM's policy. This guidance (PDF) was updated and reiterated last November. "Since then we have been coordinating with laptop vendors and with Intel", F-Secure spokeswoman Melissa Michael tells ISMG. In a normal situation, an intruder would be stopped here; as they won't know the BIOS password, they can't really do anything harmful to the computer.

"Organizations with Microsoft environments and domain connected devices can also take advantage of the System Center Configuration Manager to provision AMT", said F-Secure.

Related:

  • 'The Walking Dead' Season 8: Carl's presence will be 'critical'

    'The Walking Dead' Season 8: Carl's presence will be 'critical'

    We are supposed to be anxious about what comes next, and anticipating what comes next, and stressing about what comes next. That just shows that you're engaged and you're interested.
    BB&T's (BBT)

    BB&T's (BBT) "Hold" Rating Reaffirmed at Robert W. Baird

    Penn Davis Mcfarland Inc decreased its stake in Twenty (FOXA) by 4.39% based on its latest 2017Q3 regulatory filing with the SEC. Inr Advisory Services Limited Liability Corporation has 0% invested in BB&T Corporation (NYSE:BBT) for 80 shares.

    Facebook Inc Q3 2017 Institutional Investor Sentiment Better Than Expected

    Wellcome Trust Ltd increased its stake in Facebook Inc (FB) by 1.16% based on its latest 2017Q3 regulatory filing with the SEC. Gateway Advisers Ltd Liability Corporation holds 1.38M shares. 34,956 were reported by Wg Shaheen & Associate Dba Whitney &.
  • Bryant gets $10.85M, record for 1st arbitration eligible

    Bryant gets $10.85M, record for 1st arbitration eligible

    During the 2017 season, Bryant hit for a career-best.295 batting average and a total of 29 home runs and 73 RBIs. It was the first time in his three seasons he was not named an All-Star, however.
    Fourth Suspect Pleads Guilty in Nude Celebrity Photo Hack

    Fourth Suspect Pleads Guilty in Nude Celebrity Photo Hack

    The information allowed Garofano to steal personal information, including photos and videos, the plea agreement stated. The star of Mother! called the leak a "sex crime" and a "sexual violation" in an interview with Vanity Fair magazine.

    Choosing Between Pioneer Natural Resources Company (PXD) and Continental Resources, Inc. (CLR)?

    Perhaps, that suggests something about why 1.18% of the outstanding share supply is held by institutional investors. Further, the firm has debt to equity ratio of 0.07, sometimes it remain same with long term debt to equity ratio.
  • Supreme Court to Consider Texas Redistricting Case

    Supreme Court to Consider Texas Redistricting Case

    Justices Clarence Thomas and Neil Gorsuch have also criticized the decision, according to South Dakota's petition. Amazon backs a nationwide approach that would relieve retailers from dealing with a patchwork of state laws.

    EPS for Pitney Bowes Inc. (PBI) Expected At $0.36

    The technical rating goes from a rating of one, the weakest upside technical, to a rating of five, the highest upside technical. The firm earned "Buy" rating on Monday, September 18 by Stifel Nicolaus. (NYSE: PBI ) on Monday, May 15 to "Neutral" rating.

    Has $11.17 Million Position in Skyworks Solutions, Inc. (SWKS)

    Zacks Investment Research downgraded Skyworks Solutions from a "hold" rating to a "sell" rating in a research note on Wednesday. On Tuesday, November 7 the stock rating was maintained by FBR Capital with "Buy". (NASDAQ:SWKS) rating on Friday, January 20.
  • Blackrock Multi-Sector Income Trust (NYSE:BIT) Declares Special Dividend of $0.13

    Blackrock Multi-Sector Income Trust (NYSE:BIT) Declares Special Dividend of $0.13

    When charted, the RSI can serve as a visual means to monitor historical and current strength or weakness in a certain market. A reading under 20 would indicate no trend, and a reading from 20-25 would suggest that there is no clear trend signal.
    Puma CEO Says Has No Plans To Take On Other Brands

    Puma CEO Says Has No Plans To Take On Other Brands

    The transaction would increase PUMAs free float from now 14% to approximately 55%. The number of the brand's publicly traded shares will be increased to around 55%.
    Watch the first teaser trailer for HBO's Fahrenheit 451

    Watch the first teaser trailer for HBO's Fahrenheit 451

    Michael Shannon is playing Montag's fire chief Beatty, the villain of the story. They're gone, Bahrani said when asked where are the checks and balances.

Comments

Latest news

$1.08 EPS Expected for Eli Lilly and Company (LLY) This Quarter
The investment managers in our partner's database reported: 827.83 million shares, up from 823.00 million shares in 2017Q2. I-G Investment Management Ltd sold 8,741 shares as the company's stock declined 3.22% while stock markets rallied.

Boeing Unveils New Unmanned Cargo Air Vehicle Prototype
Boeing recently unveiled a prototype cargo drone capable of transporting payloads of up to 500 pounds. Boeing's electric vertical-takeoff-and-landing (eVTOL) unmanned cargo aerial vehicle (CAV) prototype.

Team Asia takes surprise early lead at EurAsia Cup
China's Li Haotong yesterday held his nerve to birdie his final hole and give hosts Asia a slender lead over champions Europe on the opening day of the EurAsia Cup in Kuala Lumpur . "It feels great.

Mckesson Corp Stock as Institutional Investors Exit
BMO Capital Markets has "Buy" rating and $13200 target. (NYSE:PIR) has "Hold" rating given on Thursday, June 22 by Jefferies. The investment managers in our partner's database now have: 180.04 million shares, up from 176.11 million shares in 2017Q2.

Montrusco Bolton Investments Inc. Increases Stake in Danaher Co. (DHR)
After $2.07 actual EPS reported by Apple Inc. for the previous quarter, Wall Street now forecasts 81.16% EPS growth. Finally, Chesley Taft & Associates LLC increased its position in shares of Danaher by 0.3% in the fourth quarter.

Ford to partner with Postmates on self-driving deliveries
Also at CES, Volkswagen (VLKAY) and Hyundai have announced plans to put self-driving technology in production cars by 2021. The second-largest US automaker is also launching and testing a new transportation-as-a-service platform this year.

European Central Bank officials cautious despite recovery
Against the yen, the dollar was nearly flat on the day at 111.27, after plumbing a six-week low of 111.05 yen on Thursday. And bitcoin was up 5.7% at $14,000 on the Luxembourg-based Bitstamp exchange today.

Euronav NV (EURN) EPS Estimated At $-0.08; Group One Trading LP Has Boosted Its Sociedad Quimica Minera De C (SQM) Position
Prince Street Capital Management Llc sold 168,300 shares as Sociedad Quimica Minera De C (SQM)'s stock rose 11.91%. Teva Pharmaceutical Industries Limited (NYSE:TEVA) has declined 41.70% since January 12, 2017 and is downtrending.

General Electric Co (NYSE:GE) Sentiment Crashes in 2017 Q3
The collective rating of 2.4 for General Electric Company ( NYSE :GE) also leans strongly towards the neutral end of the spectrum. As per Thursday, October 5, the company rating was maintained by Credit Suisse. 0 analysts gave its stock an Outperform rating.

What's in Ryman Hospitality Properties, Inc. (RHP) After Achieving 52-Week High?
The rating was downgraded by Raymond James to "Hold" on Monday, July 17. (NYSE:RHP) on Friday, March 3 to "Underperform" rating. Quantbot Technologies LP bought a new position in Ryman Hospitality Properties during the third quarter worth about $161,000.

Kendrick Lamar Steals The Crown With Feature On Jay Rock's 'King's Dead'
The rapid pace of these rappers' lyrical delivery matches the ante of the instrumental helmed by Mike WiLL Made-It and Teddy Walton.

DC's 'Shazam!' movie sets 2019 release date
Levi teased a possible Wonder Woman cameo, but even if Diana shows up, you still have a new superhero on the scene. According to THR , Warner Bros. will release the super movie on April 5, 2019 where it now has no competition.

Imperial Capital Increases United Continental (UAL) Price Target to $74.00
The market's smooth ride upward hit a bump on Wednesday when concerns rose that a jump in interest rates could derail the ascent. The Manufacturers Life Insurance Company owned 0.15% of United Continental Holdings as of its most recent filing with the SEC.

First Allied Advisory Services Inc. Lowers Holdings in Emerson Electric Company (EMR)
The investment managers in our partner's database now hold: 432.93 million shares, down from 440.67 million shares in 2017Q2. It improved, as 47 investors sold HSIC shares while 15 reduced holdings. 35 funds opened positions while 84 raised stakes.

Most PCs expected to get slower due to chip flaw fix
AMD has published an update on its processor security in the wake of the Spectre and Meltdown saga. Customers will hardly notice the difference, Myersohn expects.

Other news