Intel ME Vulnerabilities
Put it in the OP you flaming faggot, I'm not going to click your links.
no archive link.
Could you at least summarize everything what it's all about.
Not OP, but...
In response to issues identified by external researchers, Intel has performed an in-depth comprehensive security review of its Intel® Management Engine (ME), Intel® Trusted Execution Engine (TXE), and Intel® Server Platform Services (SPS) with the objective of enhancing firmware resilience.
As a result, Intel has identified several security vulnerabilities that could potentially place impacted platforms at risk. Systems using ME Firmware versions 11.0/11.5/11.6/11.7/11.10/11.20, SPS Firmware version 4.0, and TXE version 3.0 are impacted.
6th, 7th & 8th Generation Intel® Core™ Processor Family
Intel® Xeon® Processor E3-1200 v5 & v6 Product Family
Intel® Xeon® Processor Scalable Family
Intel® Xeon® Processor W Family
Intel® Atom® C3000 Processor Family
Apollo Lake Intel® Atom Processor E3900 series
Apollo Lake Intel® Pentium™
Celeron™ N and J series Processors
Based on the items identified through the comprehensive security review, an attacker could gain unauthorized access to platform, Intel® ME feature, and 3rd party secrets protected by the Intel® Management Engine (ME), Intel® Server Platform Service (SPS), or Intel® Trusted Execution Engine (TXE).
This includes scenarios where a successful attacker could:
Impersonate the ME/SPS/TXE, thereby impacting local security feature attestation validity.
Load and execute arbitrary code outside the visibility of the user and operating system.
Cause a system crash or system instability.
>For more information, please see this Intel Support article
The following CVE IDs are covered in this security advisory:
Intel® Manageability Engine Firmware 11.0.x.x/11.5.x.x/11.6.x.x/11.7.x.x/11.10.x.x/11.20.x.x
please install even more botnet so we can fix the existing botnet.
how many of these firmware patches are going to limit your ability to use me_cleaner?
$300M OF DIVERSITY
Minix is a teaching OS and is fucking garbage. What did anyone expect?
Not only is that opinion non-sequitur, your opinion is simply false.
6th, 7th & 8th Generation Intel® Core™ Processor Family
how many years back is that?
Skylake, Kaby Lake and Coffee Lake, ergo 2015-now.
imo Tanenbaum gets an F.
Yeah but who wasn't expecting this was going to happen? Anyway it just confirms my decision to avoid Intel/AMD forever, no matter what they say they're gonna do.
MINIX3 is NOT a teaching OS.
Just gonna leave this here. It's guides and stuff on how to reflash the coreboot on chromebooks, getting rid of the included depthcharge and allowing for the removal of ChromeOS. Many Chromebooks are ARM-based, so by degoogling them through a firmware reflash and installation of regular GNU/Linux, this may be a way out.
tfw core 2 duo
all systems with ME 11
I bet similar exploits exist for pre-11 versions of the ME but the public won't ever find out about them
Buffer overflow in Active Management Technology (AMT) in Intel Manageability Engine Firmware 8.x/9.x/10.x/11.0/11.5/11.6/11.7/11.10/11.20 allows attacker with remote Admin access to the system to execute arbitrary code with AMT execution privilege.
prepare for the next generation of botnets if this can be chained with the recent AMT auth bypass
"For me Epi extreme Prio, because see picture (after 2 days off-the-bar-shave)"
fuck wrong thread
Pre-Sandy Bridge CPUs are vulnerable to the memory sinkhole exploit, which is effectively the same as compromising IME (BIOS reflashing included), though you need root or a kernel exploit to use it.
it's not a teaching OS
it's just hopelessly shit and buggy
Thank you for the direct links to intel user. How very kind of you. Good job with the extremely detailed OP as well.
Intel has released a downloadable detection tool
only Windows and Linux(sic)
What to do if you're on macOS?
Good point, what if Apple uses some weird proprietary Platform Controller Hub and thus has a non-compliant or even nonexistent Intel ME implementation? You still need to go through Bootcamp to boot into a non-Apple OS after all
It's not shit nor buggy. Have you ever used MINIX3, or do you parrot shit you read elsewhere as fact?
You still need to go through Bootcamp to boot into a non-Apple OS after all
I've heard it's not necessary, at least for Ubuntu.
Also, a very long time ago I've booted Win8.1 from USB flash drive on a macbook (it was "installed" there beforehand in a VM) and it also didn't need anything special to boot, only drivers for vidya and shit.
Why on earth would you need an archive link for Intel's website?
it's not shitty nor buggy
it's just got a lot of buffer overflows leading to ring -2 exploits
Archive everything you faggot.
intel modify tons of code, implement the OS at ring -3
Get fucked, moron.
I don't know who Jewed you into believing MINIX3 wasn't shit, but open your fucking eyes, user.
The whole point of ME and UEFI was to have vulnerabilities there. Intel sells them to NWO, CIA, MOSSAD, NSA, jews
But sometimes some hackers find them out and use them or blackmail intel with them. In that case Intel fixes this one and introduces some other (or already have many spare).
Now even if you are using GNU LINUX, it doesn't matter as ME and UEFI vulnerability will work on your PC too. You and your Linux does not have control over your PC.
Oh no, a relatively new, and tremendously improved system is marginally slower than the older one (thanks to safe user-mode drivers over in-kernel drivers)... Even though MINIX3 provides massive security increase, self-healing capability and fault-tolerance, with a demonstrably better kernel and userland, you have to insist MINIX 3 is shit because you dug yourself a hole.
that was just a conspiracy theory
now we have proof it's insecure
This isn't news that it's exploitable. The memory sinkhole bug came out several years ago. Kaspersky also found HD firmware malware - granted that's not cpu bug, but it shows you the danger of the closed firmware on anything.