Researchers have found multiple vulnerabilities in firmware used by recent Intel CPUs. The problem affects both CPUs for consumer PCs as CPUs used in enterprise servers. Intel has confirmed the issues on its website.
The culprit is Intel’s Management Engine (IME) which runs on a separate microprocessor in newer Intel CPUs. IME can be used by administrators to remotely access computers for maintenance or troubleshooting.
However, IME can also be used by hackers to run malicious software that is hard to detect as the Intel system works as a separate sub-system. To get access to that separate system running on a separate microprocessor, an attacker first has to obtain administrator privileges.
Hacking affected systems is even possible if the computer is switched off because IME remains active when a computer is shut down, as long as the computer is connected to a power outlet.
How serious the vulnerabilities are will have to become clear in the coming months. “This looks bad, but we don’t yet know how easy it will be to exploit these vulnerabilities,” security researcher Filippo Valsorda told Wired.com. During hacker conference Black Hat Europe the researchers who discovered the vulnerabilities will publish more details.
Meanwhile, Intel published a detection tool that allow administrators to check their systems. Until now, only Lenovo has released a software update that patches the issue on several PCs. It’s expected that other computer vendors will follow their example soon.