Intel security flaws put laptops, servers and storage at risk of hacking

Bugs in Intel's firmware allow remote code execution, data exfiltration and more

Bugs in the underlying firmware of multiple Intel chip families have left laptops, servers and storage appliances exposed to a number of security vulnerabilities, the company has admitted.

The silicon giant has confirmed reports from third-party security researchers that flaws in its chips' management and administration functions could potentially allow hackers to execute code, exfiltrate confidential data and more.

Intel launched a full internal review of its source code after it was alerted to the issues, finding that bugs in affected systems could allow attackers to "load and execute arbitrary code outside the visibility of the user and operating system [and] cause a system crash or system instability".

The flaws affect a wide variety of chip families, including 6th, 7th and 8th Generation Intel Core processors, Intel Xeon E3-1200 v5 and v6 processors, Intel Xeon Scalable processors, Intel Xeon W processors, Intel Atom C3000 processors, Apollo Lake Intel Atom E3900 series, Apollo Lake Intel Pentiums, and Celeron N and J series processors.

This covers everything from laptops and 2-in-1s, all the way up to high-end servers and storage appliances. The company has released a free detection tool, which users and sysadmins can run to identify vulnerable machines. IT Pro has contacted Intel to try and determine the number of affected systems.

Three elements of Intel's firmware are vulnerable: the company's Management Engine (ME), Server Platform Services (SPS) and Trusted Execution Engine (TXE). The Management Engine runs underneath the OS, and is used by admins to remotely access a system for maintenance and management tasks. The Server Platform Services feature is based on the ME and offers similar features for server products, while the TXE deals with hardware authentication.

The ME allows anyone with the appropriate credentials to control desktops, make changes to the system's settings and configurations, and even reinstall the OS. This makes it a very useful tool for IT staff at large companies with multiple offices, but it also means it holds a huge amount of power that hackers could take control of.

Because it runs underneath the OS, the ME is invisible to any antivirus systems or hypervisors installed on the machine. Coupled with its highly-privileged status, this means that a compromised ME could be used to install malware, among other troubling things.

A security advisory issued by Intel stated that 80% of the ten CVEs relating to the flaws are designated as high-severity, with buffer overflows and privilege escalations seen throughout.

"Based on the items identified through the comprehensive security review," the advisory read, "an attacker could gain unauthorized access to platform, Intel ME feature, and 3rd party secrets protected by the Intel Management Engine (ME), Intel Server Platform Service (SPS), or Intel Trusted Execution Engine (TXE)."

Intel has confirmed to IT Pro that patches are now available for affected systems, and the company advised that they should be installed as a matter of urgency.

"We worked with equipment manufacturers on firmware and software updates addressing these vulnerabilities," Intel said, "and these updates are available now. Businesses, systems administrators, and system owners using computers or devices that incorporate these Intel products should check with their equipment manufacturers or vendors for updates for their systems, and apply any applicable updates as soon as possible."
