Notice: Function _load_textdomain_just_in_time was called incorrectly. Translation loading for the updraftplus domain was triggered too early. This is usually an indicator for some code in the plugin or theme running too early. Translations should be loaded at the init action or later. Please see Debugging in WordPress for more information. (This message was added in version 6.7.0.) in /var/www/html/dev.webpronews.com/public_html/wp-includes/functions.php on line 6114
Intel’s CSME Bug Is ‘Unfixable’ «

Intel’s CSME Bug Is ‘Unfixable’

Intel has been struggling to fix security flaws in its processors, with researchers warning the current flaw is “unfixable.”...
Intel’s CSME Bug Is ‘Unfixable’
Written by Matt Milano

Intel has been struggling to fix security flaws in its processors, with researchers warning the current flaw is “unfixable.”

Security firm Positive Technologies has discovered that one of the most recent issues is far more severe than previously thought. The vulnerability impacts the ROM of the Converged Security and Management Engine (CSME). The CSME is a subsystem chipset that is part of Intel’s Active Management Technology (AMT), and allows remote out-of-band management, useful for business and enterprise, but largely unnecessary for the consumer market.

According to Positive Technologies, the latest discovery has chilling ramifications:

“By exploiting vulnerability CVE-2019-0090, a local attacker could extract the chipset key stored on the PCH microchip and obtain access to data encrypted with the key,” reads the report. “Worse still, it is impossible to detect such a key breach. With the chipset key, attackers can decrypt data stored on a target computer and even forge its Enhanced Privacy ID (EPID) attestation, or in other words, pass off an attacker computer as the victim’s computer. EPID is used in DRM, financial transactions, and attestation of IoT devices.”

While Intel is recommending impacted users contact their motherboard manufacturer for a BIOS update, Positive Technologies is warning that will not fix the underlying issue.

“Since it is impossible to fully fix the vulnerability by modifying the chipset ROM, Positive Technologies experts recommend disabling Intel CSME based encryption of data storage devices or considering migration to tenth-generation or later Intel CPUs. In this context, retrospective detection of infrastructure compromise with the help of traffic analysis systems such as PT Network Attack Discovery becomes just as important.”

This is just the latest in a number of serious issues Intel has had with its recent chipsets, and could make offerings from AMD and ARM an increasingly appealing alternative.

Subscribe for Updates

CybersecurityUpdate Newsletter

CybersecurityUpdate

By signing up for our newsletter you agree to receive content related to ientry.com / webpronews.com and our affiliate partners. For additional information refer to our terms of service.
Get the WebProNews newsletter delivered to your inbox

Get the free daily newsletter read by decision makers

Subscribe
Advertise with Us

Ready to get started?

Get our media kit