Industry News

Conference

22 Nov 2017

Critical security vulnerability in millions of Intel processors

Intel has released a security alert regarding a critical elevation of privilege vulnerability that affects millions of servers and computers.

This alert impacts systems using Intel Management Engine (ME) Firmware versions 11.0 and higher, Server Platform Service (SPS) Firmware version 4.0, and Trusted Execution Engine (TXE) version 3.0. By accessing the elevation of privilege vulnerability, an attacker could gain access to the platform and could impact local security features, load and execute malicious code, and cause system instability or even crash the system entirely.

Affected products include Intel Core processors, Xeon processors, Apollo Lake Atom and Pentium processors, and Celeron N and J series processors.

Intel has released a detection tool that users can apply to check if the vulnerability applies to their systems.  Additionally, Agnes Kwan of Intel said that the company had provided software patches to correct the flaw to all major computer manufacturers, who can then distribute patches to customers.

The vulnerability was revealed during an in-depth security review at Intel, sparked by flaws exposed by a team of Russian researchers last August. The team at Positive Technologies identified security issues with the Intel Management Engine, which allowed unauthorized users to disable ME and extract large numbers of XML files. The researchers linked this vulnerability directly to a platform in use by the U.S. National Security Agency.

The Department of Homeland Security weighed in on the issue, advising users to review Intel’s security notifications and to use the detection tool to determine whether their system is affected by the vulnerability. DHS also counselled users to contact the manufacturer directly for software updates and advice on how to mitigate the threat that the chip vulnerability could pose to individual computers and to networks.

Intel said that it has not identified a single instance where this flaw has been exploited to conduct a cyber attack. However, due to the widespread use of the Intel processor chips, the newly-discovered flaw remains a major concern for many personal and business users of computers with the affected processors.

Intel recently announced record-breaking financial results, with strong revenue growth and record earnings, largely thanks to a boost in its data centre business.

Click here to read more.

View all Industry News
Loading

Sponsors

Platinum Sponsor

Platinum Sponsor

Keynote Theatre Sponsor

Theatre Sponsor

VIP Lounge Sponsor

Compliance & Change Detection Leader

Gold Sponsor

Gold Sponsor

Gold Sponsor

Gold Sponsor

Silver Sponsor

Silver Sponsor

Silver Sponsor

Silver Sponsor

Silver Sponsor

Bronze Sponsor

Bronze Sponsor

Bronze Sponsor

Bronze Sponsor

Bronze Sponsor

Partners

Knowledge Partner

Global Analyst Partner

Official TV Partner

Official Video Partner

Official News Release Distribution Partner

Security Education Partner

Event Partner

Event Partner

Event Partner

Event Partner

Event Partner

Event Partner

Event Partner

Event Partner

Media Partner

Media Partner

Media Partner

Media Partner

Media Partner

Media Partner

Testimonials

  • "The best thing of us part opportunity to meet with our partners and customers. We met with many relevant prospects from different verticals and get a sense of the market demand. I understand much more of what the customers in this region."
    CEO and Co-founder, Votiro
  • "Considering the large number of exhibitors at the show, the crowd at our booth is great and stayed consistent throughout the day. Delegates who visited our booth met our expectations and we gathered good leads too!"
    Malwarebytes, Sales Development Representative 
  • "There’s no other show like Cloud Expo Asia and Cloud & Cyber Security Expo that reaches out to two groups of different audience from both cloud and cyber security in the same venue which is exactly who our service offerings are for! We have been participating in both Cloud Expo Asia, Hong Kong as well as Cloud Expo Asia, Singapore and more than happy to be part of the next edition!"
    Technical Account Manager North Asia, Qualys
  • "We met our target audience including service providers and SI, we have lot of interest throughout both days which is great! The show is definitely a platform for us to meet APAC audience and catch up with our partners across the different shows here."
    Channel Manager – Strategic Alliance APAC, Webroot