Stories
Slash Boxes
Comments

SoylentNews is people

New Intel Management Engine Bugs

posted by martyb on Tuesday July 31 2018, @10:18AM   Printer-friendly
from the how-do-you-turn-it-off? dept.

An Anonymous Coward writes:

Not that anyone is surprised or even cares but two more severe bugs have been found in the Intel Management Engine firmware. They allow remote execution with full privileges:

https://nvd.nist.gov/vuln/detail/CVE-2018-3627
https://nvd.nist.gov/vuln/detail/CVE-2018-3628

An article about these vulnerabilities on Tech Republic provides summaries and lists the affected processors.

Original Submission

 
This discussion has been archived. No new comments can be posted.
New Intel Management Engine Bugs | Log In/Create an Account | Top | 45 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 2) by DannyB on Tuesday July 31 2018, @01:37PM (8 children)

    by DannyB (5839) on Tuesday July 31 2018, @01:37PM (#715178) Journal

    The NSA now has a new way of getting into Intel-based machines.

    Allow me to speculate wildly.

    Once upon a time the NSA had a way into all PCs via an NSA malware tool known as Windows.

    Linux growth spoiled that. Shame, shame!

    Now we have compromise baked directly into the hardware. What could be better? And best of all, the end users pay for it!

    --
    If you eat an entire cake without cutting it, you technically only had one piece.
    Starting Score:    1  point
    Karma-Bonus Modifier   +1  
    Total Score:   2  

  • (Score: 4, Touché) by Thexalon on Tuesday July 31 2018, @02:32PM (7 children)

    by Thexalon (636) on Tuesday July 31 2018, @02:32PM (#715193)

    Linux growth spoiled that. Shame, shame!

    Counterpoint: They can still get in by taking advantage of the malware tool known as "systemd".

    --
    The only thing that stops a bad guy with a compiler is a good guy with a compiler.

    • (Score: 2) by DannyB on Tuesday July 31 2018, @03:10PM (2 children)

      by DannyB (5839) on Tuesday July 31 2018, @03:10PM (#715208) Journal

      That is a Touché!

      --
      If you eat an entire cake without cutting it, you technically only had one piece.

    • (Score: 0) by Anonymous Coward on Tuesday July 31 2018, @09:15PM

      by Anonymous Coward on Tuesday July 31 2018, @09:15PM (#715405)

      Intel has been patching old firmwares, sometimes even multiple times... but they only distribute some of them, nevermind all are marked as ready.
      Example with two unreleased updates (or three, where is 0x08?) https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=903141 [debian.org]

      So why update them and later keep them? Only for NSA machines?

    • (Score: 2) by eravnrekaree on Wednesday August 01 2018, @03:08AM (1 child)

      by eravnrekaree (555) on Wednesday August 01 2018, @03:08AM (#715506)

      This is so misinformed its really astounding. You can configure systemd to your hearts content. Its open source. You control it. If you would actually look into it rather than rattle off some canned token phrase you heard someone else say, you would know that.

      • (Score: 0) by Anonymous Coward on Thursday August 02 2018, @02:59PM

        by Anonymous Coward on Thursday August 02 2018, @02:59PM (#716257)

        Configure? How about change?
        Let's start with decoupling it from the Dessktop so it can act only as an init

    • (Score: 0) by Anonymous Coward on Thursday August 02 2018, @02:56PM

      by Anonymous Coward on Thursday August 02 2018, @02:56PM (#716255)

      Does anyone comprehend SystemD enough to do that and not unintentionally break stuff?