Intel AMT Security Issue Lets Attackers Bypass BIOS and BitLocker Passwords

Finnish firm detects Intel security flaw of ‘almost shocking simplicity’


In a matter of seconds, an attacker can gain access to an Intel AMT-enabled laptop, even if there's a BIOS password in place. The issue, which can only be exploited given physical access to the targeted laptop, is unrelated to the recent Spectre and Meltdown vulnerabilities.

F-Secure said it has encountered this issue time and time again, and it needs to be addressed urgently because it is locally exploitable in practical situations, even when laptops have otherwise been completely hardened. Weaknesses in the tech have been discovered before, but the latest flaw is nonetheless noteworthy because of the ease of exploitation. Since the exploit can be completed in seconds, this tactic is quite viable. The default password of Intel's Management Engine BIOS Extension is rarely changed, which can leave business laptops vulnerable to unauthorized remote access, claims F-Secure.

AMT is Intel's proprietary solution that gives IT admins remote access for monitoring and maintenance of corporate-grade systems.

An attacker starts by rebooting a target's machine, and then entering the boot menu.

This would allow any attacker to log into Intel Management Engine BIOS Extension (MEBx) using the default password "admin", as this default is probably unchanged on most corporate laptops.


As of now, the only ways of mitigating the danger are to change the AMT password from its default "admin" setting to something harder to guess - or to just disable the feature entirely. The attacker can now gain remote access to the system from both wireless and wired networks, as long as they're able to insert themselves onto the same network segment with the victim.

"The attack is nearly deceptively simple to enact, but it has incredible destructive potential".

"In practice, it can give an attacker complete control over an individual's work laptop, despite even the most extensive security measures", he stressed.

"You leave your laptop in your hotel room while you go out for a drink", he said.

"Essentially, one attacker distracts the mark, while the other briefly gains access to his or her laptop". The attacker can then access the device remotely, by connecting to the same wireless or wired network as the user.


A similar vulnerability has also been previously pointed out by CERT-Bund but with regards to USB provisioning, Sintonen said.

Details of the vulnerability - which can lead to a clean device being compromised in under a minute and can bypass the BIOS password, TPM PIN, BitLocker and login credentials - have been outlined by researchers at F-Secure. However, most users don't set one. "That is why it's important to raise public awareness". As a result, an unauthorised person with physical access to a computer in which access to MEBx is not restricted, and in which AMT is in factory default, could potentially alter its AMT settings. Intel's mitigation advice centers on either ensuring that AMT has a strong password or disabling AMT altogether. This guidance (PDF) was updated and reiterated last November. Shukla couldn't be immediately reached for comment on F-Secure's research and Intel's mitigation advice.

The issue affects most, if not all, laptops that support Intel Management Engine/Intel AMT.

For starters, AMT is designed to require a username and password before it can be accessed. In most cases, a mass reconfiguration effort of affected devices is the only way to deal with AMT issues - not fun for a large, global organization.

Although Intel recommends that suppliers require the BIOS password to provision Intel AMT and has produced a Q&A about security best practices for AMT, F-Secure said this and other Intel guides on AMT security have not had the desired effect on the real-world security of corporate laptops.
