Chip giant Intel has finally been marked with a nearly ten years of security vulnerabilities patch, blocked with the chip active management technology (AMT) technology related to a high-risk vulnerability, the vulnerability affected since 2008, Nehalem until 2017 Kaby Lake and many other chips. The latest firmware fix number is as follows, hope that the affected chip model users as soon as possible to upgrade the latest BIOS firmware, blocking loopholes.
In a recent release of a security bulletin, Intel has given a "serious Severity" assessment of this compromise vulnerability. The vulnerability exists in Active Management (AMT), Standard Management (ISM), and Intel Small Business Technology (SBT), involving version 6.x, 7.x, 8.x, 9.x, 10.x, 11.5 and 11.6 firmware.
With this vulnerability, the attacker can "get the control of the management functions provided in the above products".
In addition, Intel also gives two examples:
SemiAccurate said it urges Intel to fix the problem for several years, but the company has been almost indifferent in the past nine years.
Intel chip has a microprocessor and operating system independent of the microprocessor, called the Intel management engine Intel Management Engine, referred to as ME. A variety of technologies are based on ME, including code processing, media DRM, Trusted Platform Module TPM and so on.
ME is a separate system that is different from the CPU, it can be under the control of the CPU without using AMT (Intel Active Management Technology) and other technologies used to remotely manage the enterprise computer.
It relies on Intel's Active Management Technology (AMT) to achieve, when the function is turned on, even in the case of shutdown can also be computer remote management, you can view the status, installation, update software or systems, browse disk files. Such a powerful and convenient management technology also left a huge security threat.