SoylentNews

janrinok has found the following PDF:

There has been quite a bit of discussion recently regarding the use of a Management Engine (ME), or the code that exists within a CPU but is inaccessible to the user of the computer using that CPU. To quote from the introduction of this PDF:

Intel Management Engine (Intel ME) is a proprietary technology that consists of a microcontroller integrated into the Platform Controller Hub (PCH) chip and a set of built-in peripherals. The PCH carries almost all communication between the processor and external devices. Therefore, Intel ME has access to almost all data on the computer. The ability to execute third-party code on Intel ME would allow for a complete compromise of the platform.

Several people, including some from within our own community, have expressed concern that any weaknesses in the ME code would provide another attack surface and, guess what? It has been done! This PDF explains just how some people have managed to achieve the hackers dream and our worst nightmare, and details some research on this subject. It even goes so far as to explain how to run unsigned code in the ME, albeit under a limited set of circumstances - thus giving a hacker total control over the system. However, as this is only the beginning of such research in relative terms it does not bode well for the future. Finding the flaw is the first step, learning how to exploit is the next.

The PDF is, by necessity, quite technical but will be understandable by a significant proportion of our community. The report claims that the following CPUs are susceptible to the attacks detailed in it:

• 6th, 7th & 8th Generation Intel® CoreTM Processor Family
• Intel® Xeon® Processor E3-1200 v5 & v6 Product Family
• Intel® Xeon® Processor Scalable Family
• Intel® Xeon® Processor W Family
• Intel® Atom® C3000 Processor Family
• Apollo Lake Intel® Atom Processor E3900 series
• Apollo Lake Intel® PentiumTM
• CeleronTM N and J series Processors

Original Submission