Intel Issues Security Alert Affecting PCs, Servers and IoT Devices

Intel issued an alert for owners of select PCs, servers and IoT devices running Intel Core processors shipped since 2015. The firmware in those computers may be vulnerable to attack. The attacks may give hackers access to privileged system information and allow attackers to take over those computers.

Most of the attacks require local access, but at least one of them can be done remotely. Now that the details are out, it is possible that further exploits may be found.

Intel has released tools that allow users to determine if their systems are vulnerable. Those tools, for Windows and Linux, are available on Intel's web site.

Now here is the challenge.

Unlike Windows Update, where patches are pushed out to users, these updates have to come from the hundreds of motherboard and system vendors that have used the affected processors over the last two years. Many users know who makes their computers, but lesser-known manufacturers (not HP, Dell or Lenovo, for example) may not issue patches and may not warn their buyers.

For end users who are concerned: download the utility, test your computer, and then pester your computer manufacturer until they test and release a patch.

As of earlier this week, Dell, HP and some other vendors are testing new patches for release.

If there is any good news here, it is that most of the affected systems are higher-end computers inside enterprises. While that is bad since enterprises likely have more valuable data to steal, they also have IT departments who can and will run detection scripts to find out which computers need to be patched.

Home users with high-end systems will also need to patch them, but those systems likely never will be patched, making it easy for hackers to take control of those computers.

This particular attack points to a whole class of vulnerabilities that fall into the hard-to-deal-with category. Whether it is an Internet of Things device or a motherboard in a desktop PC, these bugs are much less likely to get fixed. Vendors may or may not know who the end user is, and the store that sold it may not know who the user is either. The result is that a patch is never installed. The hackers know this and will be trolling to find affected PCs, yours included.

Information for this post came from Ars Technica.
