Hidden inside your Intel-based computer is a mystery program called Management Engine (ME). It, along with Trusted Execution Engine (TXE) and Server Platform Services (SPS), can be used to remotely manage your computer. We know little about Intel ME, except it’s based on the Minix operating system and, oh yes, ME is very insecure. Because of this, three computers vendors — Linux-specific OEMs System76 and Purism and top-tier PC builder Dell — have decided to offer computers with disabled ME.
These ME security holes impact millions of computers. ME supports Intel’s Active Management Technology (AMT). This is a powerful tool that allows admins to remotely run computers, even when the device is not booted. Let me repeat that: If your PC has power, even if it’s not running, it can be attacked. If an attacker successfully exploits these holes, the attacker can run malware that’s totally invisible to the operating system.
Most, but not all, of ME’s vulnerabilities require physical access for someone to exploit. Another would valid requite administrative credential for remote exploitation. Still, it’s worrisome.
Submitted by: Arnfried Walbrecht
Comments are closed.