Millions of PCs at risk from Intel firmware flaw


By Dylan Bushell-Embling
Monday, 27 November, 2017


Dt06076 carousel

Intel has issued a security alert for elevation of privilege vulnerabilities that impact a wide range of the company's chipsets that could leave potentially millions of desktop computers at risk.

The vulnerability was brought to Intel's attention by an unnamed team of external researchers, the company said. It affects systems using eight different firmware versions.

A security review conducted after the vulnerability was brought to light found that attackers could potentially gain access to target machines by exploiting flaws in Intel's Management Engine, Intel Server Platform Service or Intel Trusted Execution Engine.

Affected chipsets include sixth-, seventh- and eighth-generation Intel Core processors as well as various Intel Xeon, Atom, Apollo Lake and Celeron processors.

Some of the exploits could potentially allow attackers to execute arbitrary code, while others could allow access to privilege-protected content, cause a system crash or system instability and compromise local security features.

Some issues also involve Intel's Active Management Technology (AMT), which was the subject of an earlier security alert in May. The exploit, discovered by smart device security company Embedi, could have potentially allowed attackers to gain full control over a targeted computer even if it is turned off.

Intel has issued patches for the newly discovered vulnerabilities, but desktop and laptop manufacturers will now need to create and distribute their own customised patches, which are unlikely to be installed by all but the most security-conscious of users.

Intel has released a downloadable vulnerability detection tool and highly recommends affected users install updated firmware as quickly as possible.

Follow us and share on Twitter and Facebook

Related Articles

Apple red-faced after major macOS bug found

Apple has patched a major security vulnerability that allowed root access to Macs running the...

Millions of PCs at risk from Intel firmware flaw

Intel has discovered vulnerabilities in the firmware of a range of processors that could...

2018 to be another 'brutal' year for cyber threats

Malwarebytes has forecast a rise in cryptojacking, PowerShell-based attacks and the use of worms...


  • All content Copyright © 2017 Westwick-Farrow Pty Ltd