B2B Payments

Intel Hustles To Fix Longstanding Security Flaw In Enterprise Devices

Intel
Shutterstock

Intel has reportedly been operating with what reports called a “critical vulnerability” in its firmware that could allow hackers to infiltrate company systems via Intel’s Active Management Technology, Small Business Technology or Standard Manageability.

Reports Wednesday (May 3) said a researcher at IoT startup Embedi identified the vulnerability that has existed within Intel systems since as early as 2010. The vulnerability reportedly means an attacker could remotely access machines that are running Active Management Technology or Intel Standard Manageability, or they could allow an unauthorized user to “change management features on systems” that run AMT, ISM or its Small Business Technology, according to reports.

The threat impacts devices running the chipmaker’s vPro processors and does not affect consumer PCs, reports added.

“The vulnerability is a serious threat and the prevention measures from exploitation is a timely process for users — timely, but necessary,” said Embedi in a blog post. “It is also important to note the difficulties with firmware patching, which is needed to mitigate this vulnerability. Firmware patching takes an extremely long time to test before it is deployed to all of their users.”

In other words: there isn’t an easy (or fast) fix to this vulnerability.

Intel has reportedly responded to the discovery and issued a patch, and its Security Center has published detection and mitigation guides for its clients.

“We have implemented and validated a firmware update to address the problem, and we are cooperating with equipment manufacturers to make it available to end-users as soon as possible,” said a spokesperson for Intel.

News has gotten around the tech world, with Google security developer Matthew Garrett exploring the discovery in another blog post and noting that it doesn’t impact all Intel systems, just those that have Active Management Technology turned on.

——————————–

Latest Insights:

Our data and analytics team has developed a number of creative methodologies and frameworks that measure and benchmark the innovation that’s reshaping the payments and commerce ecosystem. The September 2019 Mobile Order-Ahead Tracker, serves as a monthly framework for the space. It provides coverage of the most recent news and trends as well as a provider directory that highlights key players across the mobile order-ahead ecosystem.

 

Click to comment

TRENDING RIGHT NOW

To Top