Vulnerability in Intel systems allows attackers to remotely gain access to business PCs

Intel has published a security advisory regarding a firmware vulnerability in certain systems that utilize Intel Active Management Technology (AMT), Intel Standard Manageability (ISM) or Intel Small Business Technology (SBT). The vulnerability enables network attackers to remotely gain access to business PCs or devices that use these technologies. 

“The security and confidence of the people and businesses who use Intel products and technologies are paramount to us, and we are doing everything we can to address the situation as quickly as possible”, Intel wrote in a statement about the vulnerability. The company has implemented and validated a firmware update that addresses the problem. Intel is collaborating with computer makers to facilitate a smooth and rapid integration with their software. Intel expects computer makers to make updates available beginning the week of May 8 and continuing thereafter. 

Discovery tool
Until these firmware updates are available, Intel urges people and companies using business PCs and devices that incorporate AMT, ISM or SBT to take action to maintain the security of their systems and information. Intel has released a discovery tool that will analyse systems for the vulnerability. 

If the discovery tool reports a vulnerability or is unable to determine if a system is vulnerable, Intel recommends taking steps to secure the system as soon as possible. The company has published a mitigation guide to assist users with these steps. Intel warns that details of how to exploit the vulnerability are now public. It is therefore important to take steps to secure vulnerable systems as soon as possible. 

Your rating: None

Post new comment

  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd> <img> <br><p>
  • Lines and paragraphs break automatically.

More information about formatting options

This question is for testing whether you are a human visitor and to prevent automated spam submissions.
Recent comments
  • Wouter Hoeffnagel
    National Management & IT Symposium: creating order in complex problems
  • Alejandro Debenedet
    Video ITWNET Round Table: ‘Digital sandbox makes innovation possible’
  • Maryann Farrugia
    Two-fifths of IT professionals consider IT organization ready for digital business
  • Alejandro Debenedet
    UK Government websites fail to meet plain English guidelines
  • warren wilkins
    Is my ITIL V2 Service Master certification garbage now?