Welcome to DU!
The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards.
Join the community:
Create a free account
Support DU (and get rid of ads!):
Become a Star Member
Latest Breaking News
General Discussion
The DU Lounge
All Forums
Issue Forums
Culture Forums
Alliance Forums
Region Forums
Support Forums
Help & Search
Intel AMT security hole lets hackers take control of corporate laptops
Another Intel flaw for attackers to exploit
By Cal Jeffrey on Jan 12, 2018, 3:43 PM
Intel is off to a rough start in 2018 with yet another security issue found impacting their products. Coming fast on the heels of Spectre and Meltdown is a security vulnerability in Intel’s Active Management Technology (AMT). The Intel Core processor with vPro feature is intended to help IT staff manage networked assets. Ironically, it is supposed to help administrators protect devices. This security risk flushes all that down the toilet.
According to researchers at F-Secure, “The issue allows a local intruder to backdoor almost any corporate laptop in a matter of seconds, even if the BIOS password, TPM Pin, Bitlocker and login credentials are in place. No, we’re not making this stuff up.”
This flaw has a high destructive potential and can be executed very quickly. The attacker does need to have physical access to the laptop but there are several scenarios where this could prove to be a trivial issue.
Harry Sintonen, one of F-Secure’s senior security consultants, describes using the “evil maid” scenario. This is where a pair of attackers identify a target and while one distracts the mark, the other accesses the computer. Since the exploit can be completed in seconds, this tactic is quite viable.
More:
https://www.techspot.com/news/72736-intel-amt-security-hole-hackers-take-control-corporate.html
