The onboard Intel remote sensing authentication engine has a vulnerability that could grant non-administrative privileges to a severely compromised system.
A silent security hole that has survived on Intel chips in the past seven years has been spotted in early 2017. But experts now find the bug more serious than anyone imagines. Because hackers can take remote control at the highest level for a computer without entering a password.
The vulnerability lies in a feature called Active Management Technology, which allows administrators to control the system over remote connections. They include a series of functions such as changing computer startup code, mouse access, keyboard, screen, running programs. In short, AMT provides the right to log on to the computer and to execute remote control as if it were working directly with the system hardware.
This feature is integrated on many of the Intel vPro processors that require login of a password in a web browser. However, noticeably, its authentication technique can be overridden by typing a string of characters, or even typing text.
The security firm has succeeded in exploiting the vulnerability of AMT by phasing out the cryptographic hash function, but the authentication system still “licenses” the remote access.
Technical Director Carlos Perez said “Authentication still works” even if you enter it wrong. “We detected a flaw in the authentication scheme.”
Experts from Embedi, the company that first discovered the vulnerability of Intel, also made the same comment. According to them, the bad thing lies in the external access performed by AMT so that it can interfere directly with the hardware that bypasses the operating system completely. As such, the manager is more vulnerable than ever. This flaw has appeared on the Intel chips since 2010, but not all.
On Friday, Intel called on PC makers to release the patch next week. The company also recommends that users download the diagnostic tool in the meantime to minimize the damage.
Some users who have a problem with the temperature have actually de-bottled their CPUs. In this way, they can spread the heat dissipation onto the silicon soles of the CPU to increase heat dissipation. However, removing IHS may also cause some heat sinks that are not compatible with the CPU because they are designed to be height-adjustable with IHS