Windows 10: New Security Flaw Hits Intel, Laptops this time

Page 1 of 2 12 LastLast

  1. Posts : 165
    Windows 10 Pro x64 16299.248
       12 Jan 2018 #1

    New Security Flaw Hits Intel, Laptops this time


    http://www.guru3d.com/news-story/new-security-flaw-hits-intellaptops-this-time.html

    F-Secure has reported another serious flaw in Intel hardware, which could enable hackers to access corporate laptops. Standard password of Intels Management Engine BIOS Extension are rarely changed and can invoke business laptops vulnerable to unauthorized remote access, claims F-Secure.
    Intels Management Engine BIOS Extension, or MEBx, contains the standard log-in combination 'admin', 'admin' and because many users simply do not change it, according to F-Secure this opens the door to an easy to set-up attack. Attackers can open the BIOS Extension during startup with Ctrl + P, even if the user has set a bios password. Then they can manage settings of the Management Engine, reports dw.com.
    "The issue potentially affects millions of laptops globally," said F-Secure consultant Harry Sintonen, who discovered the flaw. "It's of an almost shocking simplicity, but its destructive potential is unbelievable."
    F-Secure said once an attacker had the chance to reconfigure AMT (for which he would initially need physical access to the device in question), the device could be fully controlled remotely by connecting to the same wireless or wired network as the user.
    "No other security measures like full-disk encryption, local firewall, anti-malware software or VPN technology are able to prevent exploitation of this issue," Sintonen warned.
    A successful attack would lead to complete loss of confidentiality, integrity and availability, with the attacker able to read and modify all of the data and applications users have access to on their computers, even at the firmware level.
      My ComputerSystem Spec

  2.    12 Jan 2018 #2

    Just wonderful..When will it end?
      My ComputerSystem Spec

  3.    12 Jan 2018 #3

    Any one seen my Abacus?
      My ComputersSystem Spec

  4.    12 Jan 2018 #4

    Haven't seen yours, but dusting off mine now
      My ComputerSystem Spec


  5. Posts : 4,242
    Win10 Home and Pro, Win10 Insider Preview, Win7 Home, Linux Mint
       12 Jan 2018 #5

    I've a couple three Win9x computers from dial-up days in storage, may need to get one out.
      My ComputerSystem Spec

  6.    12 Jan 2018 #6

    Says the attacker would first need physical access If someone with malicious intent has physical access to a PC this prolly wouldn't be the only thing you'd have to worry about.
      My ComputerSystem Spec

  7.    12 Jan 2018 #7

    Bat 1 said: View Post
    Says the attacker would first need physical access If someone with malicious intent has physical access to a PC this prolly wouldn't be the only thing you'd have to worry about.
    Yeah it's not really a major issue. If your some is able to gain physical access to your device, you have bigger issues.

    This isn't even a flaw, there is no bypass of security here.
      My ComputerSystem Spec


  8. Posts : 27,262
    64-bit Windows 10 Pro build 17604
       12 Jan 2018 #8
      My ComputersSystem Spec


  9. Posts : 5,660
    Windows 10 Pro X64 16299.192
       13 Jan 2018 #9

    Still requires physical access to the laptop. As others have said. Once someone has access to your laptop, no security is valid. I don't see this is as any more serious than any other threats we've been made aware of. If it is, can someone explain how that is so?
      My ComputersSystem Spec

  10.    13 Jan 2018 #10

    Misuse of the word physical perhaps when they actually just meant access by any means?
      My ComputersSystem Spec


 
Page 1 of 2 12 LastLast

Related Threads
Read more: 'Kernel memory leaking' Intel processor design flaw forces Linux, Windows redesign - The Register See also: https://security.googleblog.com/2018/01/todays-cpu-vulnerability-what-you-need.html...
Looks like us Intel users are getting a free downgrade soon :( A Huge Intel Security Hole Could Slow Down Your PC Soon Iím pretty ticked about this one.
My questions are, Are programs Intel Rapid Storage technology and Intel Security assist considered to be bloatware? They came with the laptop and cant figure exactly what they do. The name Intel makes it sound like serious stuff but after searching...
Unfixable security flaw in Secure Boot ?? in AntiVirus, Firewalls and System Security
This guy writes about security issues. Windows Secure Boot: Insecure by design and mostly likely cant be fixed | Network World
Java zero-day security flaw exploited in the wild in AntiVirus, Firewalls and System Security
Java zero-day security flaw exploited in the wild | ZDNet
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 01:29.
Find Us