Intel Critical Security Flaw Affects Chips in Millions of Computers, Servers
“An attacker could gain unauthorized access to platform, Intel ME feature, and 3rd party secrets protected by the Intel Management Engine (ME), Intel Server Platform Service (SPS), or Intel Trusted Execution Engine (TXE),” the new alert states.
November 22, 2017
Intel says that a piece of software inside virtually all of its newest computer chips contains a critical security flaw that enables an attacker to manipulate security features, run arbitrary code or crash a system.
The chip maker launched a comprehensive review of its firmware after a private team of Russian security researchers reported in August it had found a way to access a backdoor designed to allow some government customers to disable the Management Engine (ME) master controller inside Intel CPUs.
Intel, in an alert issued Monday, reported that the review had identified 11 significant security issues affecting millions of computers, servers and even Internet of Things (IoT) devices.