Finnish cybersecurity specialist F-Secure has reported another serious flaw in Intel hardware. It has nothing to do with the Spectre and Meltdown vulnerabilities, but has a huge “destructive potential” too.F-Secure said Friday it had found a serious flaw in Intel hardware which could enable hackers to access corporate laptops remotely.
It said it detected an issue within Intel’s Active Management Technology (AMT) “which is commonly found in most corporate laptops and allows attackers to take complete control over a user’s device in a matter of seconds.”
“The issue potentially affects millions of laptops globally,” said F-Secure consultant Harry Sintonen, who discovered the flaw. “It’s of an almost shocking simplicity, but its destructive potential is unbelievable.”
Loss of confidentiality
F-Secure said once an attacker had the chance to reconfigure AMT (for which he would initially need physical access to the device in question), the device could be fully controlled remotely by connecting to the same wireless or wired network as the user.
“No other security measures like full-disk encryption, local firewall, anti-malware software or VPN technology are able to prevent exploitation of this issue,” Sintonen warned.
A successful attack would lead to complete loss of confidentiality, integrity and availability, with the attacker able to read and modify all of the data and applications users have access to on their computers, even at the firmware level.
hg/jd (AFP, F-Secure)