Researcher finds another security flaw in Intel management firmware

 

Active Management Technology defaults allow anyone to take control of many PCs.

Meltdown and Spectre are not the only security problems Intel is facing these days. Today, researchers at F-Secure have revealed another weakness in Intel's management firmware that could allow an attacker with brief physical access to PCs to gain persistent remote access to the system, thanks to weak security in Intel's Active Management Technology (AMT) firmware—remote "out of band" device management technology installed on 100 million systems over the last decade, according to Intel. But Intel says this is basically PC manufacturers' fault for not properly protecting the configuration for AMT in BIOS setup menus.
Further Reading

Intel had already found other problems with AMT, announcing last May there was a flaw in some versions of the firmware that could "allow an unprivileged attacker to gain control of the manageability features provided by these products." Then in November of 2017, Intel pushed urgent security patches to PC vendors for additional management firmware vulnerable to such attacks—technologies embedded in most Intel-based PCs shipped since 2015.

Prease to read more:

https://arstechnica.com/information-technology/2018/01/resea...

--
Never argue with a pig. It makes you look foolish and it anoys the hell out of the pig!