Not that anyone is surprised or even cares but two more severe bugs have been found in the Intel Management Engine firmware. They allow remote execution with full privileges:
https://nvd.nist.gov/vuln/detail/CVE-2018-3627
https://nvd.nist.gov/vuln/detail/CVE-2018-3628
An article about these vulnerabilities on Tech Republic provides summaries and lists the affected processors.
(Score: 2) by bob_super on Tuesday July 31 2018, @04:31PM (1 child)
Pretty much by definition.
The NSA advises/controls purchases for millions of computers deemed "sensitive". Intel has regular meetings with them to show them the latest boot/firmware code, in exchange for which they occasionally get told to fix a bug or two, and get to sell to that market.
(Score: 0, Disagree) by Anonymous Coward on Wednesday August 01 2018, @08:06AM
FTFY