Ieri, 20 noiembrie, a fost transmisa o informare prin care suntem avertizati ca exista o vulnerabilitate ce tine de ME (Intel Management Engine) la procesoarele Intel din ultimile generatii. Daca se exploateaza aceasta vulnerabilitate se poate prelua controlul echipamentului targetat. Se pare ca mai multi experti pe partea de securitate au transmis informatii referitoare la aceste probleme celor de la Intel dar pana acuma nu a fost nimic postat oficial.

Based on the items identified through the comprehensive security review, an attacker could gain unauthorized access to platform, Intel® ME feature, and 3rd party secrets protected by the Intel® Management Engine (ME), Intel® Server Platform Service (SPS), or Intel® Trusted Execution Engine (TXE).

This includes scenarios where a successful attacker could:

Impersonate the ME/SPS/TXE, thereby impacting local security feature attestation validity. Load and execute arbitrary code outside the visibility of the us...