Latest in Gear

Image credit: Intel

Intel's latest Core processors have serious security flaws

Remote attackers could execute commands on 2015 or newer desktop and laptop PCs.
1512 Shares
Share
Tweet
Share
Save

Sponsored Links

Intel has confirmed previous reports that its recent PC, internet of things and server chips are vulnerable to remote hacking. The problem is with the onboard "Management Engine," which has multiple holes that could let remote attackers run malicious software, get privileged access and take over computers. The vulnerability affects sixth, seventh and eighth generation Core chips (Skylake, Kaby Lake and Kaby Lake R), along with Pentium, Celeron, Atom and multiple Xeon chips.

In the worst case scenario, the vulnerabilities can allow hackers to "load and execute arbitrary code outside the visibility of the user and operating system," Intel wrote in the security bulletin. Other flaws affect the Management Engine and Intel's Server Platform Services, potentially giving hackers privilege escalation rights.

Intel has published a detection tool for Linux and Windows to help administrators and users detect if their systems are vulnerable. It has also posted a fix for its PC customers, but so far, but only Dell, Lenovo and Intel itself (for its NUC and Compute Sticks) have listed affected systems. No firmware updates appear to be available yet.

If you own a recent PC with a Core or Pentium Intel chip, it's safe to assume that you're probably affected -- both Lenovo and Dell's lists are very large. On the plus side, researchers say that so far, there's no way to exploit the flaws unless you already have access to a network. That could change, however: "We have no real idea how serious this is yet," said Google security researcher Matthew Garrett. "It could be fairly harmless, it could be a giant deal."

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
1512 Shares
Share
Tweet
Share
Save

Popular on Engadget

The 2019 Engadget Holiday Gift Guide

The 2019 Engadget Holiday Gift Guide

View
Amazon's smart shelves will re-order office supplies automatically

Amazon's smart shelves will re-order office supplies automatically

View
What's coming to Prime Video in December: 'The Marvelous Mrs. Maisel'

What's coming to Prime Video in December: 'The Marvelous Mrs. Maisel'

View
Fortnite: Save the World's new area is a dungeon crawl

Fortnite: Save the World's new area is a dungeon crawl

View
BMW spends billions to secure batteries and drivetrains for its EVs

BMW spends billions to secure batteries and drivetrains for its EVs

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr