Intel Advisory On Vulnerability For Remote Access Of Enterprise PCs Spotlights A 'Big Selling Feature For VARs'
Intel has issued a security advisory about a critical flaw that enables attackers to take full control of enterprise computers running on vulnerable networks.
The company said on Monday evening that there is a critical flaw in the remote management features of processors in its Active Management Technology, Intel Small Business Technology, and Intel Standard Manageability technology.
"In March 2017 a security researcher identified and reported to Intel a critical firmware vulnerability … Consumer PCs and Data Center Servers using Intel Server Platform Services are not impacted by this vulnerability," an Intel spokesperson told CRN. "We are not aware of any exploitation of this vulnerability. We have implemented and validated a firmware update to address the problem, and we are cooperating with equipment manufacturers to make it available to end-users as soon as possible."
"We would, of course, still recommend that customers should perform the firmware updates provided by Intel if they have the AMT versions that are vulnerable," said one partner, who wished to remain anonymous. "Remote access is a big selling feature for vPro, particularly for VARs that work with SMB clients that are spread out geographically, as it allows a VAR to provide valuable services for their clients that don’t have IT staff, so fixing this potential issue should be addressed."
The flaw impacts vPro processors that business customers purchase – not consumer PCs – and deploy for large fleets of computers, allowing unprivileged attackers to gain control of the manageability features on these products.
According to Intel, the flaw impacts Intel manageability firmware versions 6.x, 7.x, 8.x 9.x, 10.x, 11.0, 11.5, and 11.6 for its Active Management Technology, Small Business Technology, and Standard Manageability platforms.
Another Intel partner, who wished to remain anonymous, said that his clients using vPro features see the flaw as a concern – but not a workflow stopper. "Our clients are interested in seeing a patch soon, and are making sure they are not exposed to the possible backdoor attacks exposed by this bug, while they await a patch," said the partner.
Intel said that the vulnerability could be exploited in two ways – through an unprivileged network attack who can access system management to manageability SKUs, and through an unprivileged local attack who can use manageability features and gain network or local system privileges on Intel's technology.