An interconnected series of security flaws in Intel processors can give hackers “insidious” control over Windows and Linux systems.
Intel announced the vulnerabilities in the so-called “Management Engine (ME)” Monday evening. The ME is an Intel feature intended for administrative use that runs at a more foundational level than operating systems.
The processors at risk include a number of Core, Xenon, Atom and Celeron products.
The vulnerabilities are “so insidious,” said Bob Rudis, chief data scientist for the cybersecurity firm Rapid7, because they can circumvent security features supposed to run as a computer boots up.
{mosads}”It gives someone virtually complete control over events,” said Rudis, who noted the vulnerabilities allowed attackers to run their own programs, eavesdrop on user activities, and fabricate hardware input, including fake keystrokes and mouse movements.
“The computer wouldn’t even have to be on to use it, just plugged in,” he added.
There are multiple ways to tap into the Management Engine to exploit the flaw.
A Rapid7 scan of the internet found at least 6,000 or so vulnerable systems exposed online. But some of those are likely “honeypots” meant to trick attackers, said Rudis.
Patching the problem may take more effort than fixing other security issues. Fixes vary from system to system and will be provided by system manufacturers — users of Dell systems will obtain patches from Dell, and so on, meaning that different brands will be patchable at different times.
Intel is maintaining a directory of different manufacturer’s fixes, but thus far only Dell, Lenovo and Intel have posted to it.