Geeks2U Promise
We guarantee you'll love our fast, friendly service - or we'll refund your money.  

0330 808 5201
Extended hours, 7 days a week
Home  /  geekspeak  /  Intel’s latest flaw could put your computer at risk

Intel’s latest flaw could put your computer at risk

Quite often these days when we hear about a major security flaw, it’s to do with the underlying software that we’re running on our PCs, whether it’s a dodgy browser exploit, some kind of flaw in productivity software or even “free” content sites that are awash with malware. It’s not quite so often that we hit underlying issues with the actual hardware that we use every day, but that’s the unfortunate position that hardware giant Intel has found itself in, with a slew of potential high severity exploits affected its recent processor ranges.

This is exceptionally bad news, because the odds are very good that you’ve got at least one product that could bear that iconic “Intel Inside” sticker, whether it’s a Windows laptop, Macintosh desktop or even any number of server or higher end business systems that rely on Intel’s top-tier Xeon processor families.

The flaw affects the underlying architecture that loads well before your operating system does, affecting issues with the Intel Management Engine (ME), Intel Server Platform Services (SPS), and Intel Trusted Execution Engine (TXE). The Management Engine can be used by administrators for maintenance tasks, and it’s essentially a sub-processor that runs its own tiny operating system in order to do so. In order to allow administrators (who should have access, after all), the Management Engine can power up a switched-off PC and run necessary upgrade and checking tasks for an entire fleet of PCs, typically with management technology enabled on the system. Or in other words, it’s usually only a concern for those who run entire fleets of PCs, but it’s not clear if the identified flaws could also be exploited on consumer PCs.

Flaws were also identified in the Trusted Execution Engine, which handles hardware authentication, and also the Server Platform Services, which works in a similar fashion to the ME, but for systems acting as servers. The flaws were identified by external researchers to Intel, and the processor giant then undertook a full audit of those services to check the authenticity of their claims. Sadly, they are vulnerable, at least in theory.

To be specific, Intel has identified that there’s a potential issue with any system running any of the following processors:

  • 6th, 7th, and 8th generation Intel Core Processor Family
  • Intel Xeon Processor E3-1200 v5 and v6 Product Family
  • Intel Xeon Processor Scalable Family
  • Intel Xeon Processor W Family
  • Intel Atom C3000 Processor Family
  • Apollo Lake Intel Atom Processor E3900 series
  • Apollo Lake Intel Pentium Processors
  • Intel Celeron N and J series Processors

If you’re reading that list and figuring that maybe you have an Intel-based system, but wouldn’t know a Celeron from a stick of celery, help is at hand. Intel has released a detection tool for Windows/Linux users to help identify if they’re running on a system with the flaw, as well as guidance on how to update the firmware to close off the security hole, which you can find here.

From what’s been announced so far, the one bit of good news is that Intel-based Macs don’t seem to be affected, but even there, it’s wise to keep ahead of any security alerts and keep your system up to date. It’s always going to be a cat and mouse game, and nobody wants their system to be the unlucky mouse.

Share

Recent News

Microsoft made its immense fortunes largely off the back of selling software. There would be a new version of Microsoft Office, or Microsoft Windows, and you’d pay a set sum for CD-ROM (or, going back even further, a bundle of 3.5 inch floppy disks) that would provide you with that software, typically accompanied by a… More 

Every year, the consumer electronics industry descends on Las Vegas, and not for the reasons one might feasibly head to Las Vegas for. OK, to be fair, a certain amount of gambling and drinking does go on, but it’s the backdrop for the Consumer Electronics Show, where the world’s big electronics companies — and thousands… More 

The new year is upon us, and with it, the promise of all sorts of new tech gadgets, with everything from foldable phones to smarter electric cars for sale. Connectivity is the glue that binds those two quite different concepts together, and indeed just about any other technology you’d care to name, because we absolutely… More 

So, what is your password? No, don’t answer that. Really, please don’t. Partly because the whole point of a password should be that it’s a secret known only to you, but also because there’s increasing evidence that we’re still not much better at password security than we were last year. Each year, SplashData (100-worst-passwords-top-50) puts… More