Plugging security holes is an endless task for today’s tech companies. Some problems are easy to find and can be fixed quickly. Other can linger for years before being discovered, like one revealed this week that has plagued Intel’s Core processors.
The chipmaker has published an alert on its website that shows all seven generations of its Intel Core CPUs have a critical flaw in one of three features: AMT (Active Management Technology). A vulnerable chip could allow an Intel-based PC to be taken over by a remote attacker.
With Intel chips shipping in about 70% of all PCs, the AMT flaw is about as serious as they come… especially when you consider that the first Core processors that were vulnerable started shipping nine years ago. That’s an awfully long time for a threat to go unpatched.
Is your desktop or laptop vulnerable? If it features a Core processor it certainly could be, though there’s probably no reason for you to panic. The company notes “this vulnerability does not exist on Intel-based consumer PCs,” so if your computer runs Windows 7/8/10 Home, you’re probably in the clear.
If your computer shipped with Windows 7/8/10 Professional, then you might be at risk. Even then, unless the AMT functionality has been enabled you’re not in any immediate danger. You should, however, confirm and patch if necessary. Finding that out is easy enough: just download this free app from Intel to determine if you need to update your system.
While this nine-year-old vulnerability doesn’t appear to be a serious concern for home users, it has the potential to be a major headache in corporate settings. AMT is frequently enabled on business machines because it makes managing large numbers of computers much easier, and some experts have noted that applying workarounds or fixes will have to be done one machine at a time.
Intel has been contacted for comment and this post will be updated with their response.
Source: SANS ISC SecNewsFeed @ May 2, 2017 at 11:39AM