{"id":7499,"date":"2017-05-02T04:31:32","date_gmt":"2017-05-02T12:31:32","guid":{"rendered":"http:\/\/www.palada.net\/index.php\/2017\/05\/02\/news-1284\/"},"modified":"2017-05-02T04:31:32","modified_gmt":"2017-05-02T12:31:32","slug":"news-1284","status":"publish","type":"post","link":"http:\/\/www.palada.net\/index.php\/2017\/05\/02\/news-1284\/","title":{"rendered":"Vulnerability hits Intel enterprise PCs going back 10 years"},"content":{"rendered":"

<\/p>\n

Credit to Author: Michael Kan| Date: Tue, 02 May 2017 03:34:00 -0700<\/strong><\/p>\n

Intel is reporting a firmware vulnerability that could let attackers take over remote management functions on computers built over nearly the past decade.<\/p>\n

The vulnerability, disclosed on Monday, affects features in Intel firmware that are designed for enterprise IT management. \u00a0<\/p>\n

Enterprises using Intel Active Management Technology, Intel Small Business Technology and Intel Standard Manageability on their systems should patch them as soon as possible, the company says.<\/p>\n

The vulnerable firmware features can be found in some current Core processors and all the way back to Intel’s first-generation Core, called Nehalem, which shipped in 2008. They’re part of versions 6.0 through 11.6 of Intel’s manageability firmware.<\/p>\n

No consumer PCs are affected, the company said. Nor are data-center servers running Intel Server Platform Services.<\/p>\n

Intel Active Management Technology is a feature in Core processors that lets organizations remotely track, manage and secure whole fleets of connected computers.<\/p>\n

For example, it can be used to monitor and repair retail checkout systems, digital signage and PCs at places like stores, offices and schools.<\/p>\n

Intel didn\u2019t provide technical details of the vulnerability, but it said a hacker could use the flaw to take over the remote management functions.<\/p>\n

In an email, Intel said it learned about the vulnerability from a security researcher in March. \u201cWe are not aware of any exploitation of this vulnerability,\u201d the company said.<\/p>\n

Intel said it has prepared a patch and is working with manufacturers to roll it out to users as soon as possible.<\/p>\n

Intel\u2019s security advisory<\/a> also lays out steps users can take to find out if they\u2019re affected. For example, PCs built with its\u00a0vPro technology<\/a>\u00a0will have the vulnerable Intel Active Management feature.<\/p>\n

In addition, the advisory has tips for what to do if there’s no firmware update available from the system manufacturer. Disabling or removing a Windows service called Local Manageability Service can mitigate the vulnerability, Intel said.\u00a0<\/p>\n

http:\/\/www.computerworld.com\/category\/security\/index.rss<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

<\/p>\n

Credit to Author: Michael Kan| Date: Tue, 02 May 2017 03:34:00 -0700<\/strong><\/p>\n

\n
\n

Intel is reporting a firmware vulnerability that could let attackers take over remote management functions on computers built over nearly the past decade.<\/p>\n

The vulnerability, disclosed on Monday, affects features in Intel firmware that are designed for enterprise IT management. \u00a0<\/p>\n

Enterprises using Intel Active Management Technology, Intel Small Business Technology and Intel Standard Manageability on their systems should patch them as soon as possible, the company says.<\/p>\n

The vulnerable firmware features can be found in some current Core processors and all the way back to Intel’s first-generation Core, called Nehalem, which shipped in 2008. They’re part of versions 6.0 through 11.6 of Intel’s manageability firmware.<\/p>\n

To read this article in full or to leave a comment, please click here<\/a><\/p>\n<\/section>\n<\/article>\n","protected":false},"author":4,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_container_layout":"default_layout","colormag_page_sidebar_layout":"default_layout","footnotes":""},"categories":[11062,10643],"tags":[12124,714],"class_list":["post-7499","post","type-post","status-publish","format-standard","hentry","category-computerworld","category-independent","tag-infrastructure-management","tag-security"],"_links":{"self":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/7499","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/comments?post=7499"}],"version-history":[{"count":0,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/posts\/7499\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/media?parent=7499"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/categories?post=7499"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.palada.net\/index.php\/wp-json\/wp\/v2\/tags?post=7499"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}