Secure: Major security flaw affecting millions of corporate laptops

This boot menu could allow an attacker to get remote access to your notebook or desktop

"The attack is nearly deceptively simple to enact, but it has incredible destructive potential".

"In practice, it can give an attacker complete control over an individual's work laptop, despite even the most extensive security measures", he added.

The attack would bypass any other security protections in place, including a BIOS password, Trusted Platform Module PIN or Bitlocker full-disk encryption, Sintonen says.

F-Secure has notified Intel, all relevant device manufacturers and the CERT-Coordination Center in the United States about the security issue. The end users should read Intel's AMT guide carefully and avoid taking unnecessary risk. Intel says it's been shipped on more than 100 million systems over the past decade.

Today, Finnish company F-Secure's researcher Harry Sintonen revealed that there is yet another vulnerability in Intel chipsets affecting a huge number of corporate PCs.

Sintonen and his colleagues at F-Secure have come across the issue repeatedly since early summer past year.

If you're an individual running your own device, change the AMT password to a strong one, even if you don't plan on using AMT.

In this case, however, the attacker has a workaround: AMT.

If we talk in strict computer security terms, it's not a vulnerability. The price they pay for convenience may not be worth the lack of security and the high-risk of compromise Intel ME and AMT seem to provide. "The attack doesn't require a lot of time - the whole operation can take well under a minute to complete", Sintonen explained.

How does the attack work? Even if you think the chance of system penetration via inappropriate local access is minimal, the solution to this problem is to not allow access to the AMT until the proper BIOS password is entered. In doing so, the attacker can gain remote access to the system from both wireless and wired networks, as long as they're able to insert themselves onto the same network segment with the victim, F-Secure said.

The attackers can then log into Intel Management Engine BIOS Extension using the default "admin" password (most likely never altered) and change it to whatever they wish.

Twitter is latest target of right-wing Project Veritas
Pierre also mentioned that the new AI won't ban a "mindset" but will ban "a way of talking". That is in line with Twitter's official line on the issue of banning the president.

Go through all now deployed devices and configure the AMT password or disable the functionality altogether.

"Go through all now deployed devices and configure the AMT password". While inspection, if a PC's AMT password is found to be already set to an unknown value, it should be treated with suspicion and appropriate steps should be taken.

"We discovered the issue this summer, and since discovering it, we have found it in thousands of laptops", F-Secure told El Reg. "We agreed with Intel that we would come out with the issue in January".

Intel AMT is created to enable remote access monitoring and maintenance of corporate-grade personal computers, and is typically used by IT departments or managed service providers to manage devices. The changes can be made in under a minute, according to F-Secure. In October 2017, Parth Shukla, a security researcher at Google, also detailed the flaws in a Luxembourg conference presentation.

F-Secure reports that despite all this guidance, insecure Intel AMT setups remain widespread. A similar vulnerability has also been previously pointed out by CERT-Bund but with regards to USB provisioning, Sintonen said.

When ordering new devices, consider whether to order them without AMT, AMT disabled by default, or to provision AMT before enrolment.

These are not the first AMT security problems to have been discovered. Chipzilla advises vendors to require the BIOS password when rolling out AMT.

The security flaw exists within Intel chipsets using Active Management Technology (AMT), the chip firm's hardware and software tech that enables the upkeep of (usually corporate) laptops by tech support staff remotely.

AMT has had its share of security issues in the past, but this new one is arguably the most concerning issue yet.

And more to the point, this is an easily resolved flaw.

Related News:

  • Dark Souls coming to Nintendo Switch

    Dark Souls coming to Nintendo Switch

    Instead, there was just a cinematic with foreboding music playing in the background while the camera slowly panned up to a pyre. It includes Dark Souls Remastered , Dark Souls 2: Scholar of the First Sin , and Dark Souls 3: The Fire Fades Edition.
    Spartans struggle again, beat Rutgers in ovetime

    Spartans struggle again, beat Rutgers in ovetime

    However, the game was tied at halftime and Rutgers trailed by only two points with eight minutes to play in regulation. There are encouraging signs, and Rutgers came move up with good home showings against Ohio State and Iowa next week.
    What caused Greater Vancouver condo prices to soar heading into 2018?

    What caused Greater Vancouver condo prices to soar heading into 2018?

    Meanwhile single family home prices across the region climbed by about 12 per cent to $1.5 million. The median price of a two-storey home increased 6.6 per cent year-over-year to $1,586,991.
  • Aetna Inc (NYSE:AET) Institutional Investor Sentiment

    Pggm Investments decreased its stake in Aetna Inc New Com (AET) by 5% based on its latest 2017Q3 regulatory filing with the SEC. Finally, Phocas Financial Corp. acquired a new stake in shares of Aetna during the 2nd quarter worth approximately $182,000.

    Tenet Healthcare Corporation (NYSE:THC) Stock Through Resistance -- Technicals Hit Extreme Strength

    About 4.51M shares traded or 37.27% up from the average. (NASDAQ:TTWO) has risen 81.23% since January 11, 2017 and is uptrending. Camber Management Limited Co owns 5.75M shares or 5.99% of their U.S. portfolio. 168,000 were accumulated by Markel Corporation.
    Teen Titans GO! To The Movies Trailer Pokes Fun At The DCEU

    Teen Titans GO! To The Movies Trailer Pokes Fun At The DCEU

    Here is a rundown of some of our most anticipated 2018 projects. It opens in in Australia and New Zealand on July 26, 2018. The film comes from the creatives behind the show.
  • Here's what Facebook News Feed overhaul could mean to users, business

    Here's what Facebook News Feed overhaul could mean to users, business

    He said it showed that when sites such as Facebook were used to connect with "people we care about", they can improve well-being. Fall in shares has reached up to 6.1% ahead of the open market, following the closing just below the flatline on Thursday.
    CVS plans to keep Aetna's headquarters in CT

    CVS plans to keep Aetna's headquarters in CT

    At that point, many in CT believed that Aetna might stay after all. "Aetna staying CT is good for both us and them", said Murphy. CVS confirmed to Channel 3 that the company has "no plans to relocate Aetna's operations from Hartford".
    Pokemon Go Features Surfing Pikachu In Its First Community Day Event

    Pokemon Go Features Surfing Pikachu In Its First Community Day Event

    This day's event session will take place at a different time dependent on each trainer's region of the world. This bonuses include increased XP or Stardust, and lure modules will last three hours during it.
  • Mourinho demands Jamie Vardy, Javier 'Chicharito' Hernandez

    Mourinho demands Jamie Vardy, Javier 'Chicharito' Hernandez

    Leicester's Vardy would be the most expensive option of the three at around £35m, despite the England worldwide turning 31 today. As reported by Sportsmail, United are also keen to sign Alexis Sanchez from under the nose of their rivals Manchester City.

    Ambev SA (ABEV) Moves 0.15%

    Over the last three months, the shares of the company have changed 20.45% and performed 33.61% over the last six months. Taking a broader look at the analyst consensus, brokerage firms have a price target of $3.53 on Yamana Gold (NYSE:AUY).
    European Union  unveils plan for Euro  1 bln investment in high-performance computing

    European Union unveils plan for Euro 1 bln investment in high-performance computing

    It predicts that with the use of a supercomputer, vehicle production cycles could be reduced "from 60 months to 24 months". The EU Commission sees this investment as crucial for the EU's competitiveness and independence in the data economy.


Most liked

NRI held for molesting United States woman at Taj hotel
The Delhi Police have arrested a 25-year-old NRI for allegedly molesting a USA national at a five-star hotel in Chanakyapuri. On January 10, she approached police alleging that Kharbanda, a resident of California, had molested her.

Emerson Electric Company (EMR) Stake Decreased by Cullen Frost Bankers Inc
Emerson Electric had a return on equity of 20.47% and a net margin of 9.94%. (NYSE: EMR ) on Monday, July 10 with "Hold" rating. The company has a market cap of $47,440.00, a PE ratio of 28.87, a price-to-earnings-growth ratio of 3.25 and a beta of 1.24.

Serena reveals medical complications after childbirth
Despite a tough few months, Williams is excited about motherhood , ready to tackle new challenges and get back on the court. Tennis heavy hitters Caroline Wozniacki, Svetlana Kuznetsova and Angelique Kerber have all expressed how much she's missed.

Dissecting the Insider Trading Patterns of Twenty-First Century Fox, Inc. (FOXA)
Candriam Luxembourg S.C.A. lifted its position in shares of Twenty-First Century Fox by 76.8% during the third quarter. Northland Capital maintained Paylocity Holding Corporation (NASDAQ:PCTY) on Friday, September 8 with "Buy" rating .

Amid security rumpus Intel denies processors are flawed
The company said in a statement that its product designs meant that there is a "near zero risk to AMD processors at this time". Spectre is a security flaw that affects select smartphones and mobile computing devices with Intel , ARM and AMD chipsets.

Wall St. hits new highs on bank earnings, economic optimism
The Labor Department's Consumer Price Index, which excludes the volatile food and energy components, rose 0.3 percent last month. Advancing issues outnumbered decliners on the NYSE by 2,103 to 762.

African countries demand Trump apology
President Donald Trump on Friday for reportedly using vulgar language to describe Haiti and countries in Africa. She said the ANC was not in a position to stop any president from any country from saying anything they wished.

Ivanka Trump's #timesup tweet beyond the pale
People were quick to point out that Donald Trump has been accused of sexual harassment and misconduct by as many as 17 women. In response, Trump said, "Look, I'm not in every interaction my father has, but he's not a groper".

Pennsylvania Real Estate Investment Trust (PEI)
After a recent check, the current stock price divided by the 52-week high for shares of Wheeler Real Estate Investment Trust, Inc. It dived, as 66 investors sold LLY shares while 386 reduced holdings. 23 funds opened positions while 63 raised stakes.

Republican legislators unveil new U.S. immigration Bill
Congress has to make a budget deal by January 19 or face shutting down the federal government - except for essential services. And, Alsup added, the Trump Administration can still keep DACA recipients from re-entering the U.S if they leave the country.

Ross Stores, Inc. (NASDAQ:ROST) Shares Sold by Cubist Systematic Strategies LLC
Alecta Pensionsforsakring Omsesidigt bought 200,000 shares as the company's stock declined 9.26% while stock markets rallied. However, the stock is trading at -1.75% versus recent highs ($82.12). (NYSE:CAT) shares were sold by De Lange Bob.

Photo Of Alleged Suspect In Alabama Coaching Theft Has Leaked
Forgetting the playbook aspect of the theft, this stinks for Dunbar, who lost his passport, money, laptop and phone. Dunbar, a former undercover police officer, just finished his second season as Alabama's defensive line coach.

Dark Souls is coming to Nintendo Switch
Noire on the platform and 2015's smash indie hit Rocket League also came to the platform past year with cross-play support. For the Nintendo Switch version of Dark Souls: Remastered , you only find this so far at GameStop.com , also for $39.99.

Swedbank Decreases Stake in Gilead Sciences, Inc. (NASDAQ:GILD)
The stock of Northern Trust Corporation ( NASDAQ :NTRS) earned "Neutral" rating by Buckingham Research on Thursday, October 19. STOR share have plunged by -4.72% in percentage terms since the start of the year - and retreated -3.61% in the last month.

Revision in Analysts' Earnings Estimates: Mondelez International, Inc. (MDLZ)
The stock of The Boeing Company (NYSE:BA) has "Overweight" rating given on Thursday, October 6 by Barclays Capital. Nbt Natl Bank N A holds 33,212 shares or 0.22% of its portfolio. 15,630 were accumulated by Gamble Jones Counsel.