New Intel processors have been found to have unfixable security flaws that could leave your unit lacking DRM and encryption protections and open to attack.
According to The Verge, modern Intel processors suffer from a serious security flaw that’s seemingly unfixable. The flaw can be found among an Intel processor’s hardware, rather than it’s software. This particular flaw was found by a security firm called Positive Technologies and is one that may allow certain malware processes to run completely undetected by the majority of antivirus protection systems. The security firm has stated that every Intel processor sold in the last five years is susceptible to attack, with the only exclusion being 10th generation processors.
According to Mark Ermolov, a security researcher at Positive Technologies, the flaw has put every modern day security process in question. How can people be certain these processes and securities work when the processors themselves maintain tremendous flaws? DRM protections, hardware authentication, and so many more may lose the trust of those who use them. Intel has spent years building up a network of trust among users and partners alike. Positive Technologies is fearful that this flaw will tear that network apart.
Looking for a Budget Laptop?
The firm went on to say that the flaw can be found among Intel’’s CSME, otherwise known as Intel’s Converged Security Management Engine. This particular system is responsible for the security of any and all firmware running on an Intel unit. Despite previous fixes, Positive Technologies has confirmed the error persists and is overwhelmingly present when Intel unit’s initially boot up.
According to Ermolov, the problem is impossible to fix because there’s no way to correct hard-code. This code is already forever stuck within intricate parts like microprocessors, and even chip sets. This problem is of great concern, but Ermolov really emphasized the breach of trust that the flaw creates. When the foundation of this security network is violated, all the other branches fall. Just imagine a house with a crumbling foundation. That house is coming down!
Security researchers are saying that in order to take advantage of this security flaw, most attackers would need to have direct access to a device running one of these flawed processors. Attackers with incredible skill will actually be able to bypass the security processes that regular OS (operation systems) maintain, and get in without obtaining the physical system. This would take a lot of work and a tremendous amount of skill however. Researchers at this firm say that regardless of which route an attacker takes, they may obtain hardware IDs, hard disk information, and other protected digital content.
Intel has actually come out with several statements claiming the flaw isn’t all that big of a problem. Potential attackers would need specialized equipment and direct access to the machine claimed Intel, meaning the risk to users is very low. They went on to say in their statement that users should be keeping their systems up to date, as well as keeping track of new security mitigations and updates.
Positive Technologies will reportedly release further information with respect to this security flaw in the coming weeks. As for Intel, they’ll reportedly be working to block exploitation vectors for this particular security flaw, despite the overwhelming amount of them.