Stories
Slash Boxes
Comments

SoylentNews is people

New Intel Management Engine Bugs

posted by martyb on Tuesday July 31 2018, @10:18AM   Printer-friendly
from the how-do-you-turn-it-off? dept.

An Anonymous Coward writes:

Not that anyone is surprised or even cares but two more severe bugs have been found in the Intel Management Engine firmware. They allow remote execution with full privileges:

https://nvd.nist.gov/vuln/detail/CVE-2018-3627
https://nvd.nist.gov/vuln/detail/CVE-2018-3628

An article about these vulnerabilities on Tech Republic provides summaries and lists the affected processors.

Original Submission

 
This discussion has been archived. No new comments can be posted.
New Intel Management Engine Bugs | Log In/Create an Account | Top | 45 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 4, Insightful) by The Mighty Buzzard on Tuesday July 31 2018, @01:06PM (2 children)

    by The Mighty Buzzard (18) <themightybuzzard@proton.me> on Tuesday July 31 2018, @01:06PM (#715160) Homepage Journal

    Almost certainly doesn't need one though. I have no doubt whatsoever that they had the keys to the kingdom on every Intel box that had it within two weeks of the IME shipping.

    --
    My rights don't end where your fear begins.
    Starting Score:    1  point
    Moderation   +2  
       Insightful=2, Total=2
    Extra 'Insightful' Modifier   0  
    Karma-Bonus Modifier   +1  
    Total Score:   4  

  • (Score: 2) by bob_super on Tuesday July 31 2018, @04:31PM (1 child)

    by bob_super (1357) on Tuesday July 31 2018, @04:31PM (#715264)

    Pretty much by definition.
    The NSA advises/controls purchases for millions of computers deemed "sensitive". Intel has regular meetings with them to show them the latest boot/firmware code, in exchange for which they occasionally get told to fix a bug or two, and get to sell to that market.

    • (Score: 0, Disagree) by Anonymous Coward on Wednesday August 01 2018, @08:06AM

      by Anonymous Coward on Wednesday August 01 2018, @08:06AM (#715558)

      The NSA advises/controls purchases for millions of computers deemed "sensitive". Intel has regular meetings with them to show them the latest boot/firmware code, in exchange for which they occasionally get told to create a bug or two, and get to sell to that market.

      FTFY