IT Admin Await Patch to Fix Critical Firmware Vulnerability
A critical firmware vulnerability in certain Intel-based systems may allow a network attacker to gain remote access and full control of devices or business PCs’ manageability features. PC vendors plan to roll out patches to fix the vulnerability soon. In the interim, Intel is offering a tool to help IT admin identify affected machines, according to Computerworld.
Systems that utilize enterprise management features found in Intel-based firmware from the past eight years may be vulnerable to the bug. Businesses use these enterprise management features to help them “remotely manage, track and repair huge fleets of connected computers, including retail checkout systems, digital signs and PCs,” Computerworld reports.
The bug, tracked by the as CVE-2017-5689, reportedly exists in Intel’s manageability SKUs — Intel Active Management Technology (AMT), Intel Standard Manageability and Intel Small Business Technology — as mentioned in a public Intel security advisory. IT admin will specifically need to look out for certain systems that utilize these technologies. On the bright side, exploitation of the vulnerability only occurs when users enable these features.
Embedi recently released additional technical details in a public notification explaining the critical nature of the firmware bug.
“The Intel AMT vulnerability is the first of its kind. The exploitation allows an attacker to get full control over business computers, even if they are turned off (but still plugged into an outlet),” the source states.
Furthermore, the attacker can also remotely gain control of machine’s mouse, keyboard and monitor.
Risk Mitigation for IT Admin
Until a patch is rolled out, users can still lessen their risk. For instance, Intel is offering a downloadable tool that can be used by IT admin or local users to determine whether a particular system would be subject to the vulnerability. The tool can provide risk assessment and perform bulk discovery across a number of machines. These capabilities should enable IT admin to better target systems that are in need of firmware updates.
IT professionals should also check with their system original equipment manufacturer for updated firmware. If a firmware update isn’t available, Intel provides a detailed guide that includes instructions on how to implement mitigations on the affected Intel manageability SKUs.