Intel to slap hardware lock on Management Engine code to thwart downgrade attacks

Discussion in 'Security News' started by Solarquest, Dec 13, 2017.

  1. Solarquest

    Solarquest Moderator
    Staff Member AV Tester

    Jul 22, 2014
    From version 12 onward, ME-equipped chips will defend against patch rollbacks

    Intel's Coffee Lake and Cannon Lake x86 processors can be fortified by computer manufacturers to prevent in hardware attempts to downgrade, exploit and potentially neuter Chipzilla's built-in creepy Management Engine.

    In June, Positive Technologies security researchers Mark Ermolov and Maxim Goryachy privately reported to Intel a brace of exploitable bugs – CVE-2017-5705, 5706, and 5707 – in the powerful Management Engine's firmware.

    Last month, in response and ahead of Ermolov and Goryachy's public presentation of their research at Black Hat Europe, Chipzilla published eight vulnerability notices: the tech giant admitted its Management Engine (ME), Server Platform Services (SPS), and Trusted Execution Engine (TXE) could be attacked to give miscreants access to the controversial hidden administrative layer – effectively granting God-mode on the computer.
  2. Vasudev

    Vasudev Level 22

    Nov 8, 2014
    Windows 10
    It's already working. You can't downgrade after upgrading to 11.8 (the version that fixes the exploits published by Intel SA00086). Dieter aka Fernando at Win-raid said "Once you upgrade to MEI 11.8 and even if downgraded the PC acts weird or causes unexpected behaviour forcing users to switch to 11.8 version or above".