Security researchers say they’ve found a way to exploit Intel’s accident-prone Management Engine, and will reveal the problem at Black Hat Europe in December.
Positive Technologies researchers say the exploit “allows an attacker of the machine to run unsigned code in the Platform Controller Hub on any motherboard via Skylake+”.
Intel Management Engine (ME), a microcontroller that handles much of the communication between the processor and external devices, hit the headlines in May 2017 due to security concerns regarding the Active Management Technology (AMT) that runs on top of the engine.
It later emerged that AMT had a simple authentication error: an attacker could login with an empty password field.
For those whose vendors haven’t pushed a firmware patch for AMT, in August Positive Technologies discovered how to switch off Management Engine.
El Reg expects a lot of users who skipped the ME “kill switch” in the last month are about to have a change of mind, once they read this abstractahead of Black Hat Europe.
Source: The Register