Security flaw leaves Intel-run PCs at risk even if they are switched off

The flaw affects the Active Management Technology (AMT), that lets administrators manage machines via remote controls
Author:
Publish date:
Social count:
0
8-intel.jpg

Yet another security flaw has been revealed that poses a ‘significant risk’ to PCs running on Intel processors. The latest security concern relates to PCs operating on Intel’s vPro processors. Unlike other security flaws, this one can be breached even if the vulnerable machines are switched off.

The flaw affects the Active Management Technology (AMT), that lets administrators manage machines via remote controls. The security flaw exploits this feature and allows hackers to bypass authentication to gain the same level of remote access that admins have.

AMT was designed to demand a password before allowing remote access. However, hackers have found a way to bypass this stage via the security flaw. Tenable Network Security, which has created what it characterizes as the first Intel AMT vulnerability detection capability, describes the flaw as ‘difficult to track’.

A spokesman said: “We reduced the response hash to one hex digit and authentication still worked. Continuing to dig, we used a NULL/empty response hash (response=”” in the HTTP Authorization header). Authentication still

worked. We had discovered a complete bypass of the authentication scheme.”

What this means is that even if the authentication field was left blank, hackers are able to gain access to the affected PCs. Intel expects to have a patch available via PC manufacturers at some point this week. Fujitsu, HP and Lenovo have all provided information on their affected devices and how to deal with possible attacks on their websites. So far 8,500 machines have been identified as being vulnerable to attack.

Last week, Intel fixed a 10-year-old bug that had plagued its processors. The remote management flaw has given hackers the opportunity to fully take control of the computers running on the vulnerable networks for the best part of a decade, according to an advisory briefing published by Intel yesterday afternoon. The bug resides in the chipmaker’s Active Management Technology, Intel Small Business Technology, and Intel Standard Manageability chips. The bug doesn’t affect Intel chips running on consumer PCs.

Related

5_AVFeatureOnline.jpg

Switching on

The connected home meets high-end AV as consumers tune in to the growing number of products which bring sound and vision throughout the house. Lawrence Latif investigates?