23:25 GMT06 August 2020
Listen Live
    Get short URL

    A serious new vulnerability has been discovered in Intel processors which allows hackers to gain full access to computer management within seconds, according to the website of the Finnish company F-Secure, specializing in computer security.

    The problem was discovered in the Active Management Technology, which provides remote access to management of settings and security of the computer. Millions of corporate devices around the world are potentially vulnerable to intruders, F-Secure said.

    A hacker trying to gain access to a computer can enter the Intel Management Engine BIOS menu when the device is booted, using a password that is usually set by default, and then configure for itself remote access.

    This vulnerability seems deceptively simple, but the potential damage from it is "huge," according to Harry Sintonen, senior security consultant at F-Secure and the one to first discovered the problem. 

    The security issue “is almost deceptively simple to exploit, but it has incredible destructive potential,” said Sintonen.

    “In practice, it can give an attacker complete control over an individual’s work laptop, despite even the most extensive security measures,” he stressed.

    Although the initial attack requires physical access to the device, Sintonen explained that the speed with which it can be done makes it relatively exploitable in a so-called “evil maid” scenario. 

    “You leave your laptop in your hotel room while you go out for a drink. The attacker breaks into your room and configures your laptop in less than a minute, and now he or she can access your desktop when you use your laptop in the hotel WLAN. And since the computer connects to your company VPN, the attacker can access company resources,” the consultant said.

    Sintonen further pointed out that even a minute of diverting the attention of the target from their laptop, say at an airport or coffee shop, is enough to do the damage.

    Earlier experts identified a vulnerability in Intel processors that allows attackers to access files and data stored in the kernel's memory.


    First Musk, Then Facebook, Now DARPA Wants to Create Brain-Computer Interfaces
    Gotcha! How Computer Mouse Movements Betray Liars With 90% Accuracy
    Kaspersky Lab on NSA's Stolen Data: User Disabled the Antivirus on His Computer
    Quantum Leap: IBM Presents New Powerful 50-Qubit Computer
    Russian Creator of Largest Quantum Computer Predicts How Tech Will Change World
    technology, security, accessibility, flaws, hackers, Laptops, Intel
    Community standardsDiscussion