Gadgets

All Intel processors have been exposed to a fatal vulnerability since 2015


Intel processors regularly detect problemswith security, which are quickly eliminated by the developers. However, recently cybersecurity experts from Positive Technologies said they have identified an unavoidable vulnerability in all Intel chips released over the past five years (except for the Ice Lake CPU series).

The vulnerability has not yet been received.own name, and is designated CVE-2019-0090. The problem is with the Converged Security and Manageability Engine (CSME), a processor element that controls the loading of the operating system, power levels, and firmware.

CSME component launches its own chipIntel 486, RAM and boot ROM, and starts working the very first when you turn on the computer. At the same time, at the initial moment of launch, the system remains vulnerable for several seconds. After gaining physical access to the computer, the hacker will be able to disable DMA transfer, overwrite it and intercept code execution.

Given that the boot code and operationalmemory is an integral part of Intel processors, to eliminate the vulnerability will have to change the processor architecture. At the same time, despite the technical difficulties associated with using the vulnerability (technological equipment, physical access, software development), hackers who once hacked will completely subjugate their computer and provide constant remote access.

According to Intel about this type of vulnerabilityIt is known last year, and in May 2019, a firmware update for the motherboard was released. At the same time, it was stated that having gained physical access to the system, an attacker could return to the old BIOS and make penetration and further “capture” of the computer. Therefore, Intel experts call maintaining physical access to their own systems one of the protection factors.

Source: ptsecurity

Facebook Notice for EU! You need to login to view and post FB Comments!