Researcher Finds Another Security Flaw In Intel Management Firmware
An anonymous reader quotes a report from Ars Technica: Meltdown and Spectre are not the only security problems Intel is facing these days. Today, researchers at F-Secure have revealed another weakness in Intel’s management firmware that could allow an attacker with brief physical access to PCs to gain persistent remote access to the system, thanks to weak security in Intel’s Active Management Technology (AMT) firmware — remote “out of band” device management technology installed on 100 million systems over the last decade, according to Intel. [T]he latest vulnerability — discovered in July of 2017 by F-Secure security consultant Harry Sintonen and revealed by the company today in a blog post — is more of a feature than a bug. Notebook and desktop PCs with Intel AMT can be compromised in moments by someone with physical access to the computer — even bypassing BIOS passwords, Trusted Platform Module personal identification numbers, and Bitlocker disk encryption passwords — by rebooting the computer, entering its BIOS boot menu, and selecting configuration for Intel’s Management Engine BIOS Extension (MEBx).
If MEBx hasn’t been configured by the user or by their organization’s IT department, the attacker can log into the configuration settings using Intel’s default password of “admin.” The attacker can then change the password, enable remote access, and set the firmware to not give the computer’s user an “opt-in” message at boot time. “Now the attacker can gain access to the system remotely,” F-Secure’s release noted, “as long as they’re able to insert themselves onto the same network segment with the victim (enabling wireless access requires a few extra steps).”
Read more of this story at Slashdot.