Intel is releasing a “critical” firmware update to systems makers to battle a recently reported security vulnerability in its chipset firmware which can allow an attacker to remotely gain access to PCs built for business users and other devices that incorporate special Intel business management features.
The “escalation of privilege vulnerability” affects systems built for business use that include special Intel Active Management Technology (AMT), Intel Standard Manageability (ISM) or Intel Small Business Technology firmware, versions 6.x, 7.x, 8.x, 9.x, 10.x, 11.0, 11.5, and 11.6, the company reported in a May 1 security advisory. The vulnerability can “allow an unprivileged attacker to gain control of the manageability features” in the products, giving them access to the machines and data, according to Intel.
Firmware versions before Version 6 or after Version 11.6 are not included in the security advisory. If the systems do not include Intel AMT, SBA or ISM capabilities, then they are also not affected.
Consumer PCs built with Intel processors are not affected by the vulnerabilities because they do not use the business-targeted management firmware that is vulnerable to the attacks, the company stated. Also not affected by the vulnerabilities are Intel servers using Intel Server Platform Services (Intel SPS) features, as well as Intel Xeon Processor E3 and Intel Xeon Processor E5 workstations utilizing Intel SPS firmware.
The vulnerabilities can be accessed in two ways by network attackers: by provisioning manageability features that can gain unprivileged network or local system privileges of Intel AMT, ISM or SBT firmware, or by gaining system privileges for AMT or ISM firmware. The SBT firmware is not affected by the second attack scenario, according to the company.
Intel advises business customers to check their systems to determine if they have any machines affected by the vulnerability by using a free, downloadable discovery tool that will analyze systems to look for the security problem. “IT professionals who are familiar with the configuration of their systems and networks can use this tool, or can see our security advisory for full details on vulnerability detection and mitigation,” the company said in a statement.
“We have implemented and validated a firmware update to address the problem and we are collaborating with computer-makers to facilitate a rapid and smooth integration with their software,” Intel stated. “We expect computer-makers to make updates available beginning the week of May 8 and continuing thereafter.”
If the vulnerabilities are found or if the discovery tool can’t determine if the systems are affected, customers are being advised to take mitigation steps using Intel’s mitigation guide to secure their systems as quickly as possible, the post continued.
As part of the mitigations on affected machines, all capabilities and features provided by AMT, ISM and SBT will be made unavailable until corrected firmware is installed to re-enable them, according to Intel.
Business computer makers, including HP, Lenovo, Fujitsu and Dell, have been issuing their own advisories to customers to share their plans for updates incorporating the new Intel firmware code for affected machines.
Reached via email by ITPro, a spokesperson for Intel had no additional comments on the vulnerabilities.
“The security and confidence of the people and businesses who use Intel products and technologies are paramount to us, and we are doing everything we can to address the situation as quickly as possible,” the company said in its May 5 post on the topic.
Consumers or others who need support securing vulnerable systems can contact Intel Customer Support. Online support is available at http://www.intel.com/supporttickets. To contact Intel Customer Support by phone in the U.S., Canada or Latin America, call (916) 377-7000. Europe, Middle East and Africa support phone numbers can be found on Intel’s support website. Asia Pacific support phone numbers can be found on Intel’s Asia support site.