[Cryptography] Big ugly security problem in post-2008 Intel chipsets.

Ray Dillinger bear at sonic.net
Tue May 2 19:06:09 EDT 2017


Published details do in fact remain vague.  But here's an ars technica
article.

https://arstechnica.com/security/2017/05/intel-patches-remote-code-execution-bug-that-lurked-in-cpus-for-10-years/

If I'm reading this correctly the vulnerability doesn't even require AMT
to be activated in your machine, or even enabled in your BIOS, to root
the machine.  Intel chipsets have AMT on the dies, whether or not the
particular machine they're installed in has it activated or reports it
during POST.

				Bear


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20170502/28b15bcf/attachment.sig>


More information about the cryptography mailing list