A Security Issue in Intel’s Active Management Technology (AMT)

However, F-Secure believes that the "pure simplicity of exploiting this particular issue sets it apart from previous instances", warning: "The weakness can be exploited in mere seconds without a single line of code".

Normally, laptop users set-up BIOS passwords to prevent unauthorised users from booting up devices or making changes to the boot-up process.

To exploit the flaws highlighted by F-Secure, attackers only need to reboot or power-up the target machine and press CTRL-P during boot-up, claimed F-Secure. After that, they can log-in to Intel Management Engine BIOS Extension (MEBx) with a default password.

The good news is that an attacker needs to have physical access to the computer.

The bad news is that they only need that access for less than a minute and don't need any special tools or boot media.

I don't understand how this is a security vulnerability - it's a feature of the particular BIOS version.

Essentially, you can set up remote access on machines that are designed to allow remote access.

I don't get how this is an issue unless the machines are corporate machines and corporate IT Support didn't set them up correctly, but that's a whole separate issue.

2 Likes

Forum kindly sponsored by