Latest in Gear

Image credit:

Intel's latest Core processors have serious security flaws

Remote attackers could execute commands on 2015 or newer desktop and laptop PCs.
Steve Dent, @stevetdent
November 22, 2017
Share
Tweet
Share

Sponsored Links

Intel has confirmed previous reports that its recent PC, internet of things and server chips are vulnerable to remote hacking. The problem is with the onboard "Management Engine," which has multiple holes that could let remote attackers run malicious software, get privileged access and take over computers. The vulnerability affects sixth, seventh and eighth generation Core chips (Skylake, Kaby Lake and Kaby Lake R), along with Pentium, Celeron, Atom and multiple Xeon chips.

In the worst case scenario, the vulnerabilities can allow hackers to "load and execute arbitrary code outside the visibility of the user and operating system," Intel wrote in the security bulletin. Other flaws affect the Management Engine and Intel's Server Platform Services, potentially giving hackers privilege escalation rights.

Intel has published a detection tool for Linux and Windows to help administrators and users detect if their systems are vulnerable. It has also posted a fix for its PC customers, but so far, but only Dell, Lenovo and Intel itself (for its NUC and Compute Sticks) have listed affected systems. No firmware updates appear to be available yet.

If you own a recent PC with a Core or Pentium Intel chip, it's safe to assume that you're probably affected -- both Lenovo and Dell's lists are very large. On the plus side, researchers say that so far, there's no way to exploit the flaws unless you already have access to a network. That could change, however: "We have no real idea how serious this is yet," said Google security researcher Matthew Garrett. "It could be fairly harmless, it could be a giant deal."

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
Tweet
Share

Popular on Engadget

The 2020 Engadget Holiday Gift Guide

The 2020 Engadget Holiday Gift Guide

View
The Arecibo Observatory's telescope has collapsed

The Arecibo Observatory's telescope has collapsed

View
The second-gen Eve V may take on the Surface Pro again in 2021

The second-gen Eve V may take on the Surface Pro again in 2021

View
The Snapdragon 888 is Qualcomm's latest premium CPU for smartphones

The Snapdragon 888 is Qualcomm's latest premium CPU for smartphones

View
The best laptop deals we found for Cyber Monday

The best laptop deals we found for Cyber Monday

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr