Red alert! Intel patches remote execution hole that's been hidden in biz, server chips since 2008

The Register ^ | May 1, 2017 | Chris Williams

[dayglored]

You know about the "Active Management Technology" (AMT) that has had many folks freaking out about "Spyware In My CPU?? WHAT???"

Well, guess what, it's a remotely exploitable vulnerability.

Now who would have guessed that???

BTW, this does not affect Macs that use the Intel chips because Apple does not enable the AMT features.

[dayglored]

"Hidden" Second-CPU Vulnerability -- Remote Exploit! ... PING!

You can find all the Windows Ping list threads with FR search: just search on keyword "windowspinglist".

[dayglored]

Previous FreeRepublic threads on "Active Management Technology":

• Intel x86s hide another CPU that can take over your machine (you can't audit it)

• Chips Let PCs Get Turned on Remotely

[Calvinist_Dark_Lord]

Thank you for the update.

Looks as if i will be staying with AMD processors to build my next system.

[Paladin2]

Does the NSA know about this? Do they use this on their TOR network exit boxen?

[PAR35]

If they close the back door, do they have to give any money back to the NSA? Or do they just have to install a new backdoor for Big Brother?

[texas booster]

Ran the software and got the message “Could not start SCCM”.

Since I am running on a consumer i7 core, that is what I expected. Just nice to have it come back clean.

Wonder if this affects Xeon chips used in workstations?

[shibumi]

I was just about to ask if AMD was affected.

I wasn’t really thinking of security or being prescient.
It’s just that the AMD machines (eMachine to be precise)
was the least expensive thing I could get on my last few purchases.

So I accidentally did the safe thing?

[dayglored]

> Does the NSA know about this? Do they use this on their TOR network exit boxen?

If the NSA doesn't know about this, and if they haven't been using it for a decade, they've been slacking.

The Intel ME and AMT are a spook's wet dream.

[dayglored]

> If they close the back door, do they have to give any money back to the NSA? Or do they just have to install a new backdoor for Big Brother?

Nobody said they were turning off the Management Engine. They're just fixing a bug in how its software works.

This vulnerability is just a bug. The real "back door" is the entire ME, and that's being fixed, not closed.

[dayglored]

> Wonder if this affects Xeon chips used in workstations?

Yes it does.

[BurrOh]

Bkmrk Thanks!

[dayglored]

> Thank you for the update. Looks as if i will be staying with AMD processors to build my next system.

You're very welcome. AMD CPUs are in general quite good.

OTOH, if you run VMware ESX software, be aware that some AMD machines have subtle problems with VMs that happen to tickle certain features of VMware in unpleasant ways. I've had a couple of VMs that I had to migrate off an AMD-based VMware ESX head, onto an Intel-based VMware ESX head, because they were unstable on the AMD, but fine on the Intel. Don't know why, but it's repeatable, and in some cases it crashed the entire VMware ESX head, not just the particular VM. Weird. But I've heard reports that this is not an isolated case. So be alert.

[semaj]

Not a flaw, as it was purposefully designed into the chips.

[piytar]

F3GUM — will be surprised if anyone even here knows what that means.

[piytar]

Yup.

[dayglored]

Re: F3GUM

Okay you win a Kewpie doll. Now, what’s it mean? :-)

[thoughtomator]

TRS-80 backdoor

[piytar]

Was the DOS override access password. Worked on some earlier Windows machines, too (the earlier versions were just a shell on top of DOS).

[piytar]

Yup.