Intel vulnerability worse than first thought
The Intel enterprise chipset privileged access vulnerability first disclosed earlier this month is more critical than originally disclosed, according to the company that discovered the flaw.
Intel issued a security alert warning of a critical escalation of privileges flaw in its Active Management Technology (AMT), Intel Standard Manageability and Small Business Technology firmware.
Smart device security company Embedi, which discovered the AMT vulnerability, has now warned that the exploit allows an attacker to get full control over a business computer even if it is turned off, as long as it is still plugged in.
The vulnerability can allow remote control of a system’s mouse, keyboard and monitor, remote modification of a PC’s boot device and the ability to power on, power off, reboot and reset the computer.
Embedi said the flaw was first discovered in mid-February while studying the internals of Intel ME firmware, but the company feared that releasing the details before Intel could patch the vulnerability would spark attacks on Intel AMT business users.
NCR Corporation has separately warned that many ATMs could be vulnerable to the exploit and will need to be patched.
Microsoft has meanwhile rapidly moved to patch a remote code execution flaw discovered by Google’s Project Zero.
On Friday, Project Zero researcher Tavis Ormandy tweeted that he and fellow researcher Natalie Silvanovich may have discovered “the worst Windows remote code exec in recent memory. This is crazy bad.”
The exploit involves a flaw in the Microsoft Malware Protection Engine, used by Windows Defender and other Microsoft anti-malware products, that could, ironically, allow hackers to use the anti-malware software to remotely execute malicious code.
Project Zero gives companies a 90-day window to fix an exploit before disclosing, but Microsoft wasted no time patching the exploit, issuing a critical security update yesterday US time. The protection engine will automatically apply the update within 48 hours of release, the security update states.
Ormandy was impressed with Microsoft’s turnaround time, commenting on Twitter that it was an “amazing response”.