Secure: Major security flaw affecting millions of corporate laptops

Intel AMT flaw lets attackers take control of laptops in 30 seconds

"The attack is nearly deceptively simple to enact, but it has incredible destructive potential".

"In practice, it can give an attacker complete control over an individual's work laptop, despite even the most extensive security measures", he added.

The attack would bypass any other security protections in place, including a BIOS password, Trusted Platform Module PIN or Bitlocker full-disk encryption, Sintonen says.

F-Secure has notified Intel, all relevant device manufacturers and the CERT-Coordination Center in the United States about the security issue. The end users should read Intel's AMT guide carefully and avoid taking unnecessary risk. Intel says it's been shipped on more than 100 million systems over the past decade.

Today, Finnish company F-Secure's researcher Harry Sintonen revealed that there is yet another vulnerability in Intel chipsets affecting a huge number of corporate PCs.

Sintonen and his colleagues at F-Secure have come across the issue repeatedly since early summer past year.

If you're an individual running your own device, change the AMT password to a strong one, even if you don't plan on using AMT.

In this case, however, the attacker has a workaround: AMT.

If we talk in strict computer security terms, it's not a vulnerability. The price they pay for convenience may not be worth the lack of security and the high-risk of compromise Intel ME and AMT seem to provide. "The attack doesn't require a lot of time - the whole operation can take well under a minute to complete", Sintonen explained.

How does the attack work? Even if you think the chance of system penetration via inappropriate local access is minimal, the solution to this problem is to not allow access to the AMT until the proper BIOS password is entered. In doing so, the attacker can gain remote access to the system from both wireless and wired networks, as long as they're able to insert themselves onto the same network segment with the victim, F-Secure said.

The attackers can then log into Intel Management Engine BIOS Extension using the default "admin" password (most likely never altered) and change it to whatever they wish.

Wall St. hits new highs on bank earnings, economic optimism
The Labor Department's Consumer Price Index, which excludes the volatile food and energy components, rose 0.3 percent last month. Advancing issues outnumbered decliners on the NYSE by 2,103 to 762.

Go through all now deployed devices and configure the AMT password or disable the functionality altogether.

"Go through all now deployed devices and configure the AMT password". While inspection, if a PC's AMT password is found to be already set to an unknown value, it should be treated with suspicion and appropriate steps should be taken.

"We discovered the issue this summer, and since discovering it, we have found it in thousands of laptops", F-Secure told El Reg. "We agreed with Intel that we would come out with the issue in January".

Intel AMT is created to enable remote access monitoring and maintenance of corporate-grade personal computers, and is typically used by IT departments or managed service providers to manage devices. The changes can be made in under a minute, according to F-Secure. In October 2017, Parth Shukla, a security researcher at Google, also detailed the flaws in a Luxembourg conference presentation.

F-Secure reports that despite all this guidance, insecure Intel AMT setups remain widespread. A similar vulnerability has also been previously pointed out by CERT-Bund but with regards to USB provisioning, Sintonen said.

When ordering new devices, consider whether to order them without AMT, AMT disabled by default, or to provision AMT before enrolment.

These are not the first AMT security problems to have been discovered. Chipzilla advises vendors to require the BIOS password when rolling out AMT.

The security flaw exists within Intel chipsets using Active Management Technology (AMT), the chip firm's hardware and software tech that enables the upkeep of (usually corporate) laptops by tech support staff remotely.

AMT has had its share of security issues in the past, but this new one is arguably the most concerning issue yet.

And more to the point, this is an easily resolved flaw.

Related News:

  • Serena reveals medical complications after childbirth

    Serena reveals medical complications after childbirth

    Despite a tough few months, Williams is excited about motherhood , ready to tackle new challenges and get back on the court. Tennis heavy hitters Caroline Wozniacki, Svetlana Kuznetsova and Angelique Kerber have all expressed how much she's missed.
    Dark Souls coming to Nintendo Switch

    Dark Souls coming to Nintendo Switch

    Instead, there was just a cinematic with foreboding music playing in the background while the camera slowly panned up to a pyre. It includes Dark Souls Remastered , Dark Souls 2: Scholar of the First Sin , and Dark Souls 3: The Fire Fades Edition.
    Republican legislators unveil new U.S.  immigration Bill

    Republican legislators unveil new U.S. immigration Bill

    Congress has to make a budget deal by January 19 or face shutting down the federal government - except for essential services. And, Alsup added, the Trump Administration can still keep DACA recipients from re-entering the U.S if they leave the country.
  • Emerson Electric Company (EMR) Stake Decreased by Cullen Frost Bankers Inc

    Emerson Electric had a return on equity of 20.47% and a net margin of 9.94%. (NYSE: EMR ) on Monday, July 10 with "Hold" rating. The company has a market cap of $47,440.00, a PE ratio of 28.87, a price-to-earnings-growth ratio of 3.25 and a beta of 1.24.
    Here's what Facebook News Feed overhaul could mean to users, business

    Here's what Facebook News Feed overhaul could mean to users, business

    He said it showed that when sites such as Facebook were used to connect with "people we care about", they can improve well-being. Fall in shares has reached up to 6.1% ahead of the open market, following the closing just below the flatline on Thursday.
    What caused Greater Vancouver condo prices to soar heading into 2018?

    What caused Greater Vancouver condo prices to soar heading into 2018?

    Meanwhile single family home prices across the region climbed by about 12 per cent to $1.5 million. The median price of a two-storey home increased 6.6 per cent year-over-year to $1,586,991.
  • Micron Technology, Inc. (NASDAQ:MU) SVP Sells 60921 Shares of Stock

    Micron Technology, Inc. (NASDAQ:MU) SVP Sells 60921 Shares of Stock

    First American Trust FSB's holdings in Micron Technology were worth $2,790,000 at the end of the most recent reporting period. It fall, as 40 investors sold WB shares while 48 reduced holdings. 99 funds opened positions while 465 raised stakes.

    Ross Stores, Inc. (NASDAQ:ROST) Shares Sold by Cubist Systematic Strategies LLC

    Alecta Pensionsforsakring Omsesidigt bought 200,000 shares as the company's stock declined 9.26% while stock markets rallied. However, the stock is trading at -1.75% versus recent highs ($82.12). (NYSE:CAT) shares were sold by De Lange Bob.

    Adobe Systems (ADBE) Downgraded by Zacks Investment Research to "Hold"

    The stock of Adobe Systems Incorporated (NASDAQ:ADBE) has "Buy" rating given on Thursday, October 19 by Bank of America. Central Bank & Trust Co decreased Adobe Systems Incorporated ( ADBE ) stake by 4.46% reported in 2017Q3 SEC filing.
  • Ambev SA (ABEV) Moves 0.15%

    Over the last three months, the shares of the company have changed 20.45% and performed 33.61% over the last six months. Taking a broader look at the analyst consensus, brokerage firms have a price target of $3.53 on Yamana Gold (NYSE:AUY).

    Haiti 'shocked and outraged' over reported Trump remarks

    Trump tweets: "Never said anything derogatory about Haitians other than Haiti is, obviously, a very poor and troubled country". Trump also said the United States should admit more people from places like Norway, an overwhelmingly white country .
    Winter Weather Advisory through 4am

    Winter Weather Advisory through 4am

    Rain will change to snow with a period of freezing rain and sleet possible, according to the National Weather Service . Gusty winds are possible in wind prone areas producing localized blowing and drifting snow and reduced visibility.


Most liked

Notable Stock Analysts Ratings Kohl's Corp. (KSS)
Connor Clark And Lunn Invest Mgmt reported 0.03% of its portfolio in The AES Corporation (NYSE:AES). (NYSE:LRN) for 97,947 shares. First Interstate Bank increased its stake in At&T Inc (T) by 358.18% based on its latest 2017Q3 regulatory filing with the SEC.

Aetna Inc (NYSE:AET) Institutional Investor Sentiment
Pggm Investments decreased its stake in Aetna Inc New Com (AET) by 5% based on its latest 2017Q3 regulatory filing with the SEC. Finally, Phocas Financial Corp. acquired a new stake in shares of Aetna during the 2nd quarter worth approximately $182,000.

Win Butler & other musicians respond to Trump's "shithole countries" comments
The mood quickly changed when some reporters started shouting about the president's reported "shithole" comment from Thursday. Some lawmakers took a hard line against Trump's statement, while others were more forgiving. "Made up by Dems", Trump wrote.

Minnesota confirms first child death this flu season
The advice from Werker, Shahab and others is to stay home when you're sick, cough into your sleeve and always wash your hands . There have been 49 cases of influenza reported in Kentucky's long-term care centers, the department reported.

Dissecting the Insider Trading Patterns of Twenty-First Century Fox, Inc. (FOXA)
Candriam Luxembourg S.C.A. lifted its position in shares of Twenty-First Century Fox by 76.8% during the third quarter. Northland Capital maintained Paylocity Holding Corporation (NASDAQ:PCTY) on Friday, September 8 with "Buy" rating .

African countries demand Trump apology
President Donald Trump on Friday for reportedly using vulgar language to describe Haiti and countries in Africa. She said the ANC was not in a position to stop any president from any country from saying anything they wished.

Ivanka Trump's #timesup tweet beyond the pale
People were quick to point out that Donald Trump has been accused of sexual harassment and misconduct by as many as 17 women. In response, Trump said, "Look, I'm not in every interaction my father has, but he's not a groper".

Pennsylvania Real Estate Investment Trust (PEI)
After a recent check, the current stock price divided by the 52-week high for shares of Wheeler Real Estate Investment Trust, Inc. It dived, as 66 investors sold LLY shares while 386 reduced holdings. 23 funds opened positions while 63 raised stakes.

National Weather Service: Potential for flooding Friday into Saturday
Update: Friday evening, the National Weather Service canceled the flood advisory for northwestern Cuyahoga County. Ice jams become temporary dams, blocking the flow of water downstream, potentially causing flooding.

Twitter is latest target of right-wing Project Veritas
Pierre also mentioned that the new AI won't ban a "mindset" but will ban "a way of talking". That is in line with Twitter's official line on the issue of banning the president.

Pokemon Go Features Surfing Pikachu In Its First Community Day Event
This day's event session will take place at a different time dependent on each trainer's region of the world. This bonuses include increased XP or Stardust, and lure modules will last three hours during it.

Teen Titans GO! To The Movies Trailer Pokes Fun At The DCEU
Here is a rundown of some of our most anticipated 2018 projects. It opens in in Australia and New Zealand on July 26, 2018. The film comes from the creatives behind the show.

Spartans struggle again, beat Rutgers in ovetime
However, the game was tied at halftime and Rutgers trailed by only two points with eight minutes to play in regulation. There are encouraging signs, and Rutgers came move up with good home showings against Ohio State and Iowa next week.

Swedbank Decreases Stake in Gilead Sciences, Inc. (NASDAQ:GILD)
The stock of Northern Trust Corporation ( NASDAQ :NTRS) earned "Neutral" rating by Buckingham Research on Thursday, October 19. STOR share have plunged by -4.72% in percentage terms since the start of the year - and retreated -3.61% in the last month.

Jordan Spieth six off the lead after late quadruple-bogey — Sony Open
He is three shots behind clubhouse leader Chris Kirk , who posted a flawless 63, including five birdies on the back nine. Johnson admitted his round was a pleasant surprise, after a bout of flu cost him some pre-season practice time.