SoylentNews

New Intel Management Engine Bugs

posted by martyb on Tuesday July 31 2018, @10:18AM   
from the how-do-you-turn-it-off? dept.

An Anonymous Coward writes:

Not that anyone is surprised or even cares but two more severe bugs have been found in the Intel Management Engine firmware. They allow remote execution with full privileges:

https://nvd.nist.gov/vuln/detail/CVE-2018-3627
https://nvd.nist.gov/vuln/detail/CVE-2018-3628

An article about these vulnerabilities on Tech Republic provides summaries and lists the affected processors.

---

Original Submission

• Re:Performance Impact? (Score: 4, Insightful) by requerdanos on Tuesday July 31 2018, @02:49PM

  by requerdanos (5997) on Tuesday July 31 2018, @02:49PM (#715202) Journal

  AMD too with their equivalent (the PSP), through the latter recently took some positive steps [phoronix.com] in that regard.

  Linked Phoronix Article: With the latest AGESA update for Ryzen-based systems... AMD appears to... allow the PSP to be disabled by the user through their UEFI/BIOS area. [Reddit users report] a "BIOS PSP Support - Disabled" option when updating their BIOS.

  I agree, that's a positive* step, but in my (possibly paranoid) opinion, an option to "turn off" BIOS support for your computer's "built-in secret full-privelige rootkit controlled by not-you" still isn't very reassuring, because it doesn't make you magically have no "secret full-privelege rootkit controlled by not-you".

  -------
  * Well, maybe not positive; maybe "ever so slightly less negative."

  Parent

  Starting Score:	1		point
  Moderation		+2
  Insightful=2, Total=2
  Extra 'Insightful' Modifier		0
  Karma-Bonus Modifier		+1
  Total Score:		4