Intel patches security vulnerability that's existed for nearly a decade

Intel has finally patched a security vulnerability that has existed in many of its chips since the days of Nehalem in 2008 all the way thro...

Intel has finally patched a security vulnerability that has existed in many of its chips since the days of Nehalem in 2008 all the way through 2017’s Kaby Lake.

In an advisory published May 1, Intel describes the vulnerability as an elevation of privilege type with a critical severity rating.

It is found in Intel Active Management Technology (AMT), Intel Standard Manageability (ISM) and Intel Small Business Technology firmware versions 6.x, 7.x, 8.x 9.x, 10.x, 11.0, 11.5 and 11.6 and can allow an attacker to “gain control of the manageability features provided by these products.”

Specifically, Intel says there are two ways the vulnerability can be accessed:

  • An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel® Active Management Technology (AMT) and Intel® Standard Manageability (ISM) (CVSSv3 9.8 Critical /AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
  • An unprivileged local attacker could provision manageability features gaining unprivileged network or local system privileges on Intel manageability SKUs: Intel® Active Management Technology (AMT), Intel® Standard Manageability (ISM), and Intel® Small Business Technology (SBT) (CVSSv3 8.4 High /AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

SemiAccurate, which says it has been pestering Intel to fix the issue for “literally years,” claims there is literally no Intel box made in the last 9+ years that isn’t at risk although Intel specifically states that “this vulnerability does not exist on Intel-based consumer PCs.”

Intel recommends looking over this document to determine if you have an AMT, SBA or ISM-capable system and this guide to see if your system has the impacted firmware.


http://www.techspot.com/news/69152-intel-patches-security-vulnerability-existed-nearly-decade.html
Name

English News techspot.com
false
ltr
item
Techno - Gampong IT - Reference Information Technology: Intel patches security vulnerability that's existed for nearly a decade
Intel patches security vulnerability that's existed for nearly a decade
http://www.techspot.com/images2/news/bigimage/2017/05/2017-05-01-image-18.jpg
Techno - Gampong IT - Reference Information Technology
http://techno.gampongit.com/2017/05/intel-patches-security-vulnerability.html
http://techno.gampongit.com/
http://techno.gampongit.com/
http://techno.gampongit.com/2017/05/intel-patches-security-vulnerability.html
true
7281475864779722461
UTF-8
Tidak ditemukan artikel apapun LIHAT SEMUA Selengkapnya Balas Batal Balas Hapus Oleh Beranda HALAMAN ARTIKEL Lihat Semua REKOMENDASI LABEL ARSIP SEARCH SEMUA ARTIKEL Tidak ditemukan posting yang sesuai dengan permintaan Anda Halaman Utama Minggu Senin Selesa Rabu Kamis Jumat Sabtu Min Sen Sel Rab Kam Jum Sab Januari Februari Maret April Mei Juni Juli Agustus September Oktober November Desember Jan Feb Mar Apr Mei Jun Jul Agu Sep Okt Nov Des baru saja 1 menit lalu $$1$$ minutes ago 1 jam lalu $$1$$ hours ago Kemarin $$1$$ days ago $$1$$ weeks ago lebih dari 5 minggu yang lalu Pengikut Ikuti KONTEN PREMIUM Silakan share untuk membuka Salin Semua Code Pilih Semua Code Semua kode disalin ke clipboard Anda Tidak dapat menyalin kode/teks, silakan tekan [CTRL] + [C] (atau CMD + C dengan Mac) untuk menyalin