Intel AMT bug - I'm out of Intel jokes, sorry

The bug allows anyone with physical access to the affected laptop to bypass the need to enter login credentials—including user, BIOS and BitLocker passwords and TPM pin codes—enabling remote administration for post-exploitation.

In general, setting a BIOS password prevents an unauthorised user from booting up the device or making changes to the boot-up process. But this is not the case here.

The password doesn’t prevent unauthorised access to the AMT BIOS extension, thus allowing attackers access to configure AMT and making remote exploitation possible.

Although researchers have discovered some severe AMT vulnerabilities in the past, the recently discovered issue is of particular concern because it:

  • is easy to exploit without a single line of code,
  • affects most Intel corporate laptops, and
  • could enable attackers to gain remote access to the affected system for later exploitation.

More sources

https://arstechnica.com/information-technology/2018/01/researcher-finds-another-security-flaw-in-intel-management-firmware/

http://securityaffairs.co/wordpress/67671/hacking/intel-active-management-technology-issue.html

https://threatpost.com/intel-amt-loophole-allows-hackers-to-gain-control-of-some-pcs-in-under-a-minute/129408/

https://www.hackread.com/critical-intel-amt-flaw-lets-attackers-hack-laptops-mere-seconds/?utm_content=buffer1009a&utm_medium=social&utm_source=twitter.com&utm_campaign=buffer

16 Likes

CTRL-P and a default “admin” password? Really, Intel.

3 Likes

Well, I mean the product is running as intended

7 Likes

I was unable to duplicate this. Pressing CTRL-P at boot got me nowhere, and I tried several times. The article mentions corporate laptops, whereas I’m using a Kaby Lake gaming laptop. Is my consumer grade hardware more secure than a corporate laptop?

I have an old business class laptop at home that I’ll try once I get off work.

Works on my Thinkpad x201t, had to turn AMT on though…

1 Like

Can we just change that to ‘running as Inteldid’ from now on?

4 Likes

Hey Google; what is the opposite of intelligent?
Idiotic

Idiot CPUs
Can I get my money back yet?!?

1 Like

U serious dude? xD this shit is new stuff? What the hell.

I just got the Windows 10 update. My i5 760 is so unresponsive I actually see the apps and window pop-ups delayed.

FUCK this garbage of a company. Can’t wait for Ryzen refresh.

1 Like

That moment when everyone buys the Kool-Aid en masse and you get to watch them all burn.

On most business manufacturers’ hardware this has to be enabled explicitly in the BIOS, then a password has to be set before this is enabled. Even then, it looks like it’s only exploitable with local resources access.

Not a good vulnerability, but still, not bad. Enabling AMT has a host of other exploitable issues that trump this one.

You mean the intel hate?

All it will take is successive stories like these to erode public confidence.

Whether or not that will end up pushing people to AMD is up for debate, personally I think the ‘sheep’ are more likely to just assume it’s a Windows thing and end up buying a Mac… unaware that has the same Intel issues.

One of the most asked questions from Mac people during Meltdown was “but my Mac is safe, right?”

3 Likes

It’s all good! IT support needed something new after the MacOS login started to get patched.

1 Like

I need to try this on one of our machines because I locked myself out with Bitlocker.

It just gets worse for Intel… Ctrl+P at boot…

Finnish cyber security firm F-Secure reported unsafe and misleading default behaviour within Intel Active Management Technology (AMT) that could allow an attacker to bypass login processes and take complete control over a user’s device in less than 30 seconds.

AMT is a feature that comes with Intel-based chipsets to enhance the ability of IT administrators and managed service providers for better controlling their device fleets, allowing them to remotely manage and repair PCs, workstations, and servers in their organisation.

The bug allows anyone with physical access to the affected laptop to bypass the need to enter login credentials—including user, BIOS and BitLocker passwords and TPM pin codes—enabling remote administration for post-exploitation.

“The attack is almost deceptively simple to enact, but it has incredible destructive potential,” said F-Secure senior security researcher Harry Sintonen, who discovered the issue in July last year.

“In practice, it can give a local attacker complete control over an individual’s work laptop, despite even the most extensive security measures.”

This requires physical access to the machine. With physical access (and enough time) you will be owned (in spite of all the other security measures) even without this bug.

I.e., pull the drive, USB adapter to another machine under the attacker’s control, install remote control/key logger etc. program and/or image the drive for later hacking, reinstall the drive and walk away.

The machine without a drive is of no interest to an attacker, generally. It’s the data on the hard drive that’s of interest.

while this is true,

the fact that “enough time” is less than one minute in this case means the attack could be carried out while the owner is (e.g.) in the restroom, even if the machine itself is physically chained to their desk.

3 Likes

Intel would like to say while yes. AMD and ARM with us are working to address this and we are all in this together :stuck_out_tongue:

1 Like

One of the YouTube comments on that vid…

all this for anti-intel campaign…its a dirty tactic i seen before…during the pentium era’s…paid by AMD

:smiley:

Talk about delusional

1 Like

Intel did nothing wrong!
/s

A lot of people do not realize that Intel is still fighting the litigation by AMD of unfair practices. Intel was proven to be in the wrong but yet can just keep delaying payment indefinitely by keeping it in court. That is just criminal.

1 Like