Not that anyone is surprised or even cares but two more severe bugs have been found in the Intel Management Engine firmware. They allow remote execution with full privileges:
https://nvd.nist.gov/vuln/detail/CVE-2018-3627
https://nvd.nist.gov/vuln/detail/CVE-2018-3628
An article about these vulnerabilities on Tech Republic provides summaries and lists the affected processors.
(Score: 2) by eravnrekaree on Wednesday August 01 2018, @03:05AM (1 child)
Its not surprising but its something I would care about. The whole Intel ME concept is a turd and should be discarded. The basic problems have been mentioned many times before as to why the concept is fundamentally flawed. It does not provide greater security, everything it does should be done at the OS level.
(Score: 0) by Anonymous Coward on Thursday August 02 2018, @02:52PM
Somehow I doubt they care what you or anyone else thinks