Harry Sintonen, a security researcher at F-Secure in Finland, uncovered another Intel security hole that could affect millions of laptops. Harry Sintonen said security breaches exist in Intel Active Management Technology (AMT), which gives hackers full control over a vulnerable device in seconds.
Unlike Meltdown and Specter, the exploitation of this vulnerability (yet to be named) requires physical access to the device. Harry Sintonen pointed out that this is still a serious flaw because hackers can break a system in less than a minute and then remotely control it by connecting to the same network.
This vulnerability can be exploited even though other security measures exist, including the BIOS password, BitLocker, TPM Pin, or traditional antivirus software. Sintonen said that while the BIOS password usually prevents malicious activity, Intel’s AMT opens the door to another type of attack that ultimately gives an attacker remote access to the system.
By choosing Intel’s Management Engine BIOS Extensions (MEBx), they can log in using the default password “admin” because users are less likely to change this password. By changing the default password, agile cybercriminals have effectively destroyed the machine. Now attackers can remotely access the system.
Full access to the compromised system can give hackers access to read and modify data and deploy malware on the device, although any security solution may be enabled. The attack looks simple, but with incredible potential for damage. In fact, it can give local attackers complete control over a personal work laptop even with the broadest range of security measures,
Intel has not yet responded to the new vulnerability, but security companies advise users to always carry their laptops with them, set a strong password for AMT, and even disable the feature altogether.
Reference: thehackernews
