Vulnerability in ‘Intel x86 Root of Trust’

[German] Intel platforms released in the past five years contain an unfixable flaw in the 'Intel x86 Root of Trust'. Intel has released patches to reduce the impact of exploits, but the security researchers who found the flaw say that, because it sits in ROM that cannot be updated, the patches cannot protect affected systems completely.



Security firm Positive Technologies has published this article on the case, writing: 'The scenario that Intel system architects, engineers, and security specialists perhaps feared most is now a reality.' A vulnerability found in the ROM of the Intel Converged Security and Management Engine (CSME) allows a compromise at the hardware level. This breaks Intel's entire chain of trust: every later stage of the platform is verified by code running from that ROM, and the ROM itself cannot be patched.

[Image: Mainboard (Source: Pexels, Fancycrave, CC0 License)]

Positive Technologies' researchers discovered an error in Intel hardware, as well as an error in the Intel CSME firmware at the very earliest stage of the subsystem's operation, in its boot ROM. Advanced attackers can exploit the flaw to bypass Intel's Enhanced Privacy ID (EPID), the hardware-rooted identity on which on-chip encryption and attestation are built, as well as the digital rights management protections for proprietary data. Details can be found in the Positive Technologies article and in this Ars Technica article.
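To make the "chain of trust" point concrete, here is a small Python model of a verified boot chain. It is an added illustration for this post, not code from Positive Technologies or Intel, and it does not reflect how CSME is actually implemented. Each stage carries the public key used to verify its successor and its signature binds that key, so the chain can only be re-pointed by whoever controls the first key, which is the trust anchor baked into ROM. Lamport one-time signatures (hash-based, standard library only) stand in for the RSA verification a real boot ROM performs; the stage names, image contents and keys are all constructed for the example.

```python
"""Toy verified-boot chain rooted in ROM: what a root-of-trust compromise does.

Added example. The Lamport scheme is a stand-in for real public-key signatures;
each Lamport key may sign exactly one message, which suffices here (one key per image).
"""
import hashlib
import secrets
from dataclasses import dataclass
from typing import List, Optional, Tuple


def _h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


# --- Lamport one-time signatures ------------------------------------------

def lamport_keygen():
    """Secret key: 256 pairs of random 32-byte values; public key: their hashes."""
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    pk = [(_h(s0), _h(s1)) for s0, s1 in sk]
    return sk, pk


def _bits(digest: bytes):
    for i in range(256):
        yield (digest[i >> 3] >> (7 - (i & 7))) & 1


def lamport_sign(sk, msg: bytes) -> List[bytes]:
    # Reveal one secret per bit of SHA-256(msg), chosen by that bit's value.
    return [sk[i][bit] for i, bit in enumerate(_bits(_h(msg)))]


def lamport_verify(pk, msg: bytes, sig: List[bytes]) -> bool:
    if len(sig) != 256:
        return False
    return all(_h(sig[i]) == pk[i][bit] for i, bit in enumerate(_bits(_h(msg))))


def pk_fingerprint(pk) -> bytes:
    return _h(b"".join(h0 + h1 for h0, h1 in pk))


# --- Boot stages -----------------------------------------------------------

@dataclass
class Stage:
    name: str
    code: bytes
    next_pk: Optional[list]            # key this stage uses to verify its successor
    sig: Optional[List[bytes]] = None

    def signed_bytes(self) -> bytes:
        # The successor key is bound into the signature, so the chain cannot be
        # re-pointed at an attacker key without invalidating this stage's signature.
        tail = pk_fingerprint(self.next_pk) if self.next_pk else b"\x00" * 32
        return self.code + tail


def sign_stage(stage: Stage, sk) -> Stage:
    stage.sig = lamport_sign(sk, stage.signed_bytes())
    return stage


def boot(rom_anchor_pk, stages: List[Stage]) -> Tuple[List[str], str]:
    """Simulate the ROM walking the chain. Returns (stages executed, status)."""
    executed, pk = [], rom_anchor_pk           # pk starts as the ROM trust anchor
    for st in stages:
        if st.sig is None or not lamport_verify(pk, st.signed_bytes(), st.sig):
            return executed, f"halt: {st.name} failed verification"
        executed.append(st.name)
        pk = st.next_pk                        # trust is handed to the next stage
    return executed, "ok"


def build_platform(vendor: str):
    """Provision a chain ROM anchor -> CSME firmware -> BIOS, all signed by `vendor`."""
    sk_rom, pk_rom = lamport_keygen()          # hash of pk_rom would live in ROM/fuses
    sk_fw, pk_fw = lamport_keygen()
    bios = sign_stage(Stage(f"{vendor}_bios", b"BIOS image", None), sk_fw)
    fw = sign_stage(Stage(f"{vendor}_csme_fw", b"CSME firmware v1", pk_fw), sk_rom)
    return pk_rom, [fw, bios]


def scenario_genuine():
    pk_rom, stages = build_platform("intel")
    return boot(pk_rom, stages)


def scenario_tampered_bios():
    # Attacker with no signing key patches a later, updatable stage: caught by the chain.
    pk_rom, stages = build_platform("intel")
    stages[1].code = b"BIOS image + implant"
    return boot(pk_rom, stages)


def scenario_rom_compromised():
    # Attacker who runs code at ROM level owns the anchor itself (modelled as
    # substituting the anchor key); every later check passes on attacker images,
    # and no update to the patchable firmware layer can detect this.
    attacker_pk_rom, attacker_stages = build_platform("attacker")
    return boot(attacker_pk_rom, attacker_stages)


if __name__ == "__main__":
    for fn in (scenario_genuine, scenario_tampered_bios, scenario_rom_compromised):
        print(fn.__name__, "->", fn())
```

The second scenario is the case firmware updates can address: a modified image below the ROM fails verification and the boot halts. The third is the situation the article describes: once the stage that holds the anchor is attacker-controlled, the same verification code accepts an entirely attacker-supplied chain, which is why a flaw at ROM level cannot be fixed from the layers above it.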



This entry was posted in Security.
