Critical Intel flaw undetected for a decade
Intel has issued a security alert for a critical flaw that has lain undetected in many of its enterprise chipsets for over a decade.
The alert, issued on 1 May, warns of an escalation of privilege vulnerability in Intel Active Management Technology, Intel Standard Manageability and Small Business Technology firmware.
The vulnerability covers multiple versions of the firmware from 6.x and higher, and could allow local attackers to gain unprivileged network or local system privileges on Intel manageability SKUs including AMT.
The AMT and ISM SKUs are also potentially vulnerable to network attacks from unprivileged users. Versions of the manageability firmware after 11.6 are not affected, and the vulnerability does not affect Intel-based consumer PCs.
Intel is urging customers running affected versions of the firmware to seek updated firmware from their OEMs as soon as possible.
But because it will be up to OEMs to issue updated firmware to address the flaw, and to enterprise customers to install the new firmware, many systems are likely to remain unpatched.
If no firmware is available, Intel has issued a mitigation guide detailing potential steps including unprovisioning client systems vulnerable to the issue, disabling or removing the Intel Management and Security Application Local Management Service (LMS), and setting local manageability configuration restrictions.
Fujitsu establishes security consulting division
Fujitsu's new digital security consulting division will help organisations prepare for and...
Unstoppable Domains joins GlobalBlock initiative
Web3 domain name service provider Unstoppable Domains has joined the GlobalBlock initiative to...
AI adoption surging in the enterprise
The use of generative AI and other tools within the enterprise is rapidly increasing, which is...
