On Monday, November 20, Intel released an advisory for security listing latest vulnerabilities in Management Engine of its Intel remote administration feature. It also includes bugs in the remote server management tool. Intel has found the vulnerabilities after going through a security audit. It has very recently published a ‘Detection Tool for Windows and Linux administrators’ so that they can check their systems and find out if they’re exposed.
The Management Engine is a subsystem that acts independently of the microprocessor on Intel chipsets. This ME allows users to control their devices remotely for any and all types of functions, from downloading updates to troubleshooting their device. Since this engine has extensive access and control over the main system, flaws in it can give the attackers a powerful breach to exploit. Some security advisors have even called it an unnecessary security hazard.
As with previous bugs, almost all of the recently issued Intel chips are impacted. This has affected servers, PCs, and many other devices. For resolving the issue, Intel has provided updates to manufacturers, but the customers will need to wait for their hardware companies to roll out the fixes.
This newly disclosed vulnerability can cause instability and even system crashes. They can also be used to impersonate the Engine, the Server Platform Services, and Execution Engine in order to erode security verifications. If exploited, this vulnerability can operate your system separately from the main device, which means that many engines wouldn’t even recognise an attack on the system. Even now, the full impact of this vulnerability isn’t clear, because of the little amount of information that Intel has released.
A ray of sunshine in the otherwise looming dark clouds is that most of the vulnerabilities require a local access to exploit. This means that someone has to have their hands on such a device to breach through the security.