Intel's latest Core processors have serious security flaws

Remote attackers could execute commands on 2015 or newer desktop and laptop PCs.

Sponsored Links

Intel
Intel

Intel has confirmed previous reports that its recent PC, internet of things and server chips are vulnerable to remote hacking. The problem is with the onboard "Management Engine," which has multiple holes that could let remote attackers run malicious software, get privileged access and take over computers. The vulnerability affects sixth, seventh and eighth generation Core chips (Skylake, Kaby Lake and Kaby Lake R), along with Pentium, Celeron, Atom and multiple Xeon chips.

In the worst case scenario, the vulnerabilities can allow hackers to "load and execute arbitrary code outside the visibility of the user and operating system," Intel wrote in the security bulletin. Other flaws affect the Management Engine and Intel's Server Platform Services, potentially giving hackers privilege escalation rights.

Intel has published a detection tool for Linux and Windows to help administrators and users detect if their systems are vulnerable. It has also posted a fix for its PC customers, but so far, but only Dell, Lenovo and Intel itself (for its NUC and Compute Sticks) have listed affected systems. No firmware updates appear to be available yet.

Turn on browser notifications to receive breaking news alerts from Engadget
You can disable notifications at any time in your settings menu.
Not now

If you own a recent PC with a Core or Pentium Intel chip, it's safe to assume that you're probably affected -- both Lenovo and Dell's lists are very large. On the plus side, researchers say that so far, there's no way to exploit the flaws unless you already have access to a network. That could change, however: "We have no real idea how serious this is yet," said Google security researcher Matthew Garrett. "It could be fairly harmless, it could be a giant deal."

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Popular on Engadget