Latest in Core

Image credit:

Old Intel chips are vulnerable to a fresh security exploit

Jon Fingas, @jonfingas
August 8, 2015
Share
Tweet
Share

Sponsored Links

If you have an old, Intel-based computer hanging around, you might want to get rid of it post-haste. Security researcher Chris Domas has discovered a vulnerability in the x86 architecture of Intel processors made between 1997 and 2010 (pre-Sandy Bridge) that lets an attacker install software in a chip's protected System Management Mode space, which governs firmware-level security. Yes, that's as bad as it sounds: an intruder could not only take more control than you typically see in attacks (including wiping firmware), but infect your PC even if you wipe your hard drive and reinstall your operating system. Domas has only tested against Intel-made CPUs so far, but AMD processors could be vulnerable as well.

A would-be hacker needs low-level OS access to get in, so you at least won't face a direct assault -- you need to fall prey to another attack before this becomes an option. However, this vulnerability might be difficult or impossible to fix in a timely fashion. While it's theoretically possible to patch a computer's BIOS (or on relatively recent systems, UEFI) to prevent these attacks, the chances of that happening are slim. What's the likelihood that your motherboard maker will support a product that's at least 5 years old, or that most people are both willing and able to apply firmware upgrades? Not very high, we'd reckon. Although the inexorable march of time will eventually take care of this flaw, the only surefire solution is to upgrade your computer.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
Tweet
Share

Popular on Engadget

NASCAR driver 'rage quits' esports race

NASCAR driver 'rage quits' esports race

View
The best games for PS4

The best games for PS4

View
Quit trying to make Quibi happen

Quit trying to make Quibi happen

View
Twitter bans deepfakes that are 'likely to cause harm'

Twitter bans deepfakes that are 'likely to cause harm'

View
Google Fit redesign focuses on your step count

Google Fit redesign focuses on your step count

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr