Stories
Slash Boxes
Comments

SoylentNews is people

New Intel Management Engine Bugs

posted by martyb on Tuesday July 31 2018, @10:18AM   Printer-friendly
from the how-do-you-turn-it-off? dept.

An Anonymous Coward writes:

Not that anyone is surprised or even cares but two more severe bugs have been found in the Intel Management Engine firmware. They allow remote execution with full privileges:

https://nvd.nist.gov/vuln/detail/CVE-2018-3627
https://nvd.nist.gov/vuln/detail/CVE-2018-3628

An article about these vulnerabilities on Tech Republic provides summaries and lists the affected processors.

Original Submission

 
This discussion has been archived. No new comments can be posted.
New Intel Management Engine Bugs | Log In/Create an Account | Top | 45 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 0) by Anonymous Coward on Tuesday July 31 2018, @09:15PM

    by Anonymous Coward on Tuesday July 31 2018, @09:15PM (#715405)

    Intel has been patching old firmwares, sometimes even multiple times... but they only distribute some of them, nevermind all are marked as ready.
    Example with two unreleased updates (or three, where is 0x08?) https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=903141 [debian.org]

    So why update them and later keep them? Only for NSA machines?