UPDATED 21:15 EST / NOVEMBER 22 2017

Intel releases patch for serious vulnerabilities found in Core processors

Intel Corp. has issued a patch to fix a number of serious security vulnerabilities discovered in its Management Engine, Server Platform Services and Trusted Execution Engine featured on a range of its chips.

The vulnerabilities affect Intel-based computers, including laptops and desktops shipped with Intel Core processors since 2015. They could allow a remote attacker to gain access to privileged system information and, with it, the ability to install malware and a rootkit (software used to gain access to unauthorized parts of a computer) and to steal data.

Bob Rudis, chief data scientist at Rapid7 Inc., explained to SiliconANGLE that Intel had identified eight vulnerabilities in their chipsets that have ME and AMT features enabled. “Chipsets ranging from Celeron to 8th Generation Intel Core are impacted,” Rudis said. “Attackers who successfully exploit these vulnerabilities are doing so in a very powerful component of servers and higher-end desktops and laptops and will be able to elevate privileges, run arbitrary code in a powerful context, crash systems, eavesdrop on communications and call into question the integrity of virtually every bit of data or computation that is handled by a system.”

Although the newly available patch is now being distributed, it relies on device makers to pass it along, meaning there is a lag between the patch release and enterprise users getting their hands on it. Rudis advises that enterprise users immediately implement pre-patch mitigations, including “segmenting off vital server components — especially the management Ethernet ports for those servers — along with introducing extra network and system activity monitoring.” Rudis did note that, even with those actions taken, “there are no real workarounds,” as the “only course of action to protect your organization is to patch.”

James Maude, senior security engineer at Avecto Ltd., said that from “hardware to software, admin accounts with wide-ranging privilege rights present a large attack surface. The fact that these critical security gaps have appeared in hardware that can be found in almost every organization globally demonstrates that all businesses need to bear this in mind.”

Maude explained that “controlling privilege isn’t difficult to do, but it is key to securing systems. It’s time for both enterprises and individual users to realize that they can’t rely solely on inbuilt security – they must also have robust security procedures in place.”

Vulnerabilities like this, he said, are especially dangerous because they can allow the attacker to operate above the operating system and bypass the usual security measures. “With modern systems, we need to consider the full stack and ensure that privilege management and patching is implemented from the hardware upwards.”

Intel has set up a tracking page that will be updated as manufacturers provide links to patches.

Photo: williamhook/Flickr
