Intel to slap hardware lock on Management Engine code to thwart downgrade attacks

Solarquest

Solarquest

Moderator
Thread author
Verified
Staff Member
Malware Hunter
Well-known
Jul 22, 2014
2,525
From version 12 onward, ME-equipped chips will defend against patch rollbacks

Intel's Coffee Lake and Cannon Lake x86 processors can be fortified by computer manufacturers to prevent in hardware attempts to downgrade, exploit and potentially neuter Chipzilla's built-in creepy Management Engine.

In June, Positive Technologies security researchers Mark Ermolov and Maxim Goryachy privately reported to Intel a brace of exploitable bugs – CVE-2017-5705, 5706, and 5707 – in the powerful Management Engine's firmware.


Last month, in response and ahead of Ermolov and Goryachy's public presentation of their research at Black Hat Europe, Chipzilla published eight vulnerability notices: the tech giant admitted its Management Engine (ME), Server Platform Services (SPS), and Trusted Execution Engine (TXE) could be attacked to give miscreants access to the controversial hidden administrative layer – effectively granting God-mode on the computer.
...
...
 
  • Like
Reactions: vtqhtr413, upnorth, harlan4096 and 4 others
V

Vasudev

Level 33
Verified
Nov 8, 2014
2,230
Solarquest said:
From version 12 onward, ME-equipped chips will defend against patch rollbacks

Intel's Coffee Lake and Cannon Lake x86 processors can be fortified by computer manufacturers to prevent in hardware attempts to downgrade, exploit and potentially neuter Chipzilla's built-in creepy Management Engine.

In June, Positive Technologies security researchers Mark Ermolov and Maxim Goryachy privately reported to Intel a brace of exploitable bugs – CVE-2017-5705, 5706, and 5707 – in the powerful Management Engine's firmware.


Last month, in response and ahead of Ermolov and Goryachy's public presentation of their research at Black Hat Europe, Chipzilla published eight vulnerability notices: the tech giant admitted its Management Engine (ME), Server Platform Services (SPS), and Trusted Execution Engine (TXE) could be attacked to give miscreants access to the controversial hidden administrative layer – effectively granting God-mode on the computer.
...
...
Click to expand...
Its already working. You can't downgrade after upgrading 11.8 (version that fixes the exploits published by Intel SA00086). According to Dieter aka Fernanado at Win-raid said "Once you upgrade to MEI 11.8 and even if downgraded the PC acts weird or cause unexpected behaviour forcing users to switch to 11.8 version or above".
 
  • Like
Reactions: DeepWeb, vtqhtr413, plat1098 and 1 other person
You must log in or register to reply here.

Similar threads

BoraMurdar
    • Like
Management Engine Critical Firmware Update (Intel-SA-00086)
Replies
31
Views
8,923
News Archive
Iapepe
I
LASER_oneXM
    • Like
Intel Fixes Critical Bugs in Management Engine (affecting 6th, 7th, 8th Generation Core™ CPUs)
Replies
6
Views
3,604
News Archive
upnorth
upnorth
LASER_oneXM
    • Like
black hat 2017: Running Unsigned Code in Intel Management Engine (vulnerability)
Replies
8
Views
3,008
News Archive
gorblimey
gorblimey

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top