Security Researchers Discover New ‘Unfixable’ Flaw on Intel CPUs

Security researchers at Positive Technologies have disclosed a flaw in Intel chipsets that they say “jeopardizes” Intel’s root of trust. According to the researchers, the vulnerability affects Intel chipsets and SoCs released in the past five years.

The vulnerability cannot be patched in the field, and exploitation would be invisible to antivirus software, which runs far above the affected component. Intel has confirmed the flaw but has downplayed its impact.


The flaw is in Intel’s Converged Security and Management Engine, or CSME, the separate microcontroller and firmware built into Intel chipsets. The CSME implements the firmware-based Trusted Platform Module used to authenticate UEFI BIOS firmware, provide silicon-based encryption, back Microsoft BitLocker, and support other security features, notes Ars Technica.

However, because of a bug in the CSME’s boot ROM, an attacker with physical access to a computer can run their own code inside the CSME at its highest privilege level, very early in the boot process. From there, an attacker could bypass DRM protections and potentially extract the chipset encryption key, which would enable further attacks against everything that key protects.
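The following Python is an added illustration, not code from the article, from Intel, or from Positive Technologies’ report, and its key hierarchy is a simplified, hypothetical model rather than Intel’s real CSME key schedule: a root key in fuses, a chipset key derived from it and bound to the firmware security version number (SVN), and per-feature keys such as a firmware-TPM storage key beneath that. It shows why the usual remedy for a leaked key, a firmware update that bumps the SVN and rotates every derived key, recovers from a leak that happens above the root but not from a leak of the root itself, which is what makes a bug below the updatable firmware so serious. The KDF, the toy HMAC-based cipher, the feature name and the sample secret are all constructed for the example.

```python
"""Toy model of a hardware root-of-trust key hierarchy (added example).

NOT Intel's actual CSME key schedule. A simplified, hypothetical hierarchy built
from HMAC-SHA256 derivations, used only to show why a leaked root key undermines
every secret derived beneath it, even after a firmware update rotates the keys.
"""
import hashlib
import hmac
import secrets


def kdf(key: bytes, label: bytes, context: bytes = b"") -> bytes:
    """Derive a 32-byte subkey bound to a label and context (toy HMAC-based KDF)."""
    return hmac.new(key, label + b"\x00" + context, hashlib.sha256).digest()


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Toy counter-mode keystream from HMAC-SHA256 (illustration only, not a real cipher)."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(key, b"ks" + nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC under key; returns nonce || ciphertext || tag."""
    nonce = secrets.token_bytes(16)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, b"tag" + nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def unseal(key: bytes, blob: bytes):
    """Return the plaintext, or None if the tag does not verify under key."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key, b"tag" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return bytes(c ^ k for c, k in zip(ct, _keystream(key, nonce, len(ct))))


class Platform:
    """Hypothetical platform: a root key burned into fuses, a chipset key derived
    from it and bound to the firmware security version number (SVN), and
    per-feature keys (e.g. a firmware-TPM storage key) derived from the chipset key."""

    def __init__(self, svn: int = 1):
        # Assumption: readable only during the boot-ROM stage, then locked away.
        self.root_key = secrets.token_bytes(32)
        self.svn = svn

    def chipset_key(self, svn=None) -> bytes:
        svn = self.svn if svn is None else svn
        return kdf(self.root_key, b"chipset-key", svn.to_bytes(4, "big"))

    def feature_key(self, feature: bytes, svn=None) -> bytes:
        return kdf(self.chipset_key(svn), b"feature", feature)

    def firmware_update(self):
        """Model a security fix that bumps the SVN and so rotates every derived key."""
        self.svn += 1


def demo():
    """Seal a secret, leak keys at two levels, then apply a firmware update.
    Returns (normal_ok, chipset_leak_survives_update, root_leak_survives_update)."""
    plat = Platform(svn=1)
    disk_key = b"sample volume master key (constructed)"  # constructed sample secret

    blob_v1 = seal(plat.feature_key(b"ftpm-storage"), disk_key)
    normal_ok = unseal(plat.feature_key(b"ftpm-storage"), blob_v1) == disk_key

    # Attacker 1: a bug in updatable firmware leaks only the *current* chipset key.
    leaked_chipset_key = plat.chipset_key()
    # Attacker 2: code execution in the boot-ROM stage, before the key material
    # is locked away, leaks the root key itself.
    leaked_root_key = plat.root_key

    plat.firmware_update()  # SVN 1 -> 2; the platform re-seals under the new keys
    blob_v2 = seal(plat.feature_key(b"ftpm-storage"), disk_key)

    # Attacker 1 can only rebuild SVN-1 keys, which the update has rotated away.
    k1 = kdf(leaked_chipset_key, b"feature", b"ftpm-storage")
    chipset_leak_survives = unseal(k1, blob_v2) == disk_key

    # Attacker 2 re-derives the SVN-2 chipset key exactly as the silicon does.
    k2 = kdf(kdf(leaked_root_key, b"chipset-key", (2).to_bytes(4, "big")), b"feature", b"ftpm-storage")
    root_leak_survives = unseal(k2, blob_v2) == disk_key

    return normal_ok, chipset_leak_survives, root_leak_survives


if __name__ == "__main__":
    print(demo())
```

Running demo() returns (True, False, True): normal unsealing works, the attacker holding only an SVN-1 chipset key is locked out once the platform moves to SVN 2, and the attacker holding the root key re-derives the SVN-2 keys exactly as the silicon does, so no firmware update helps. The toy cipher exists only so the sealed blob has an integrity tag to fail on; a real design would use an authenticated cipher such as AES-GCM.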

There are a number of different technical components and security layers involved here, so if you are interested in the complete breakdown of how this flaw actually works, you should read the report from Positive Technologies here.

Intel has responded to the discovery and has already released patches that block one of the known attack vectors, while stressing that the flaw can only be exploited with physical access to the system. “Intel was notified of a vulnerability potentially affecting the Intel Converged Security Management Engine in which an unauthorized user with specialized hardware and physical access may be able to execute arbitrary code within the Intel CSME subsystem on certain Intel products,” a spokesperson for the company said. Because the underlying bug sits in the CSME’s boot ROM, which is fixed in silicon and cannot be updated, firmware patches can only close off the paths used to reach it, not the bug itself, which is why the researchers call it unfixable.

A number of vulnerabilities have been found in Intel chips since the Meltdown and Spectre vulnerabilities in 2018. And although the latest flaw is a lot less significant than Meltdown/Spectre, since it requires physical access rather than merely running code on the machine, it could still be a major threat for some. “This vulnerability jeopardizes everything Intel has done to build the root of trust and lay a solid security foundation on the company’s platforms,” claimed the security researchers.


Conversation 19 comments

  • red.radar

    Premium Member
    06 March, 2020 - 10:59 am

    Intel is really having a bad couple of years…

  • brandonmills

    06 March, 2020 - 11:02 am

    Can only be exploited with physical access to the system.

    …I mean, isn't preventing the attacker from reading your data after they have your BitLockered drive the entire point? What if a tool is released that easily defeats BitLocker? Not great news.

    • lvthunder

      Premium Member
      06 March, 2020 - 11:49 am

      In reply to BrandonMills:
      It's not great news, but it's also not the end of the world.

  • rmlounsbury

    Premium Member
    06 March, 2020 - 11:03 am

    Hmmm, that Surface Pro X looks a little better this morning.

  • canamrotax

    Premium Member
    06 March, 2020 - 11:20 am

    I have always said, with physical access to a machine, all bets are off…

  • StevenLayton

    06 March, 2020 - 11:34 am

    Poor Intel, they just don't seem to be able to catch a break, lol.

  • wright_is

    Premium Member
    06 March, 2020 - 11:47 am

    The "good" part is that you need a piece of additional hardware installed on the PC that boots faster than the CSME and can slip data into its pointer table, in its own private memory that is not visible from the rest of the system, in the couple of milliseconds during the boot process before it encrypts the table.

    It's like shooting fish in a barrel, well, a single minnow in a tiny barrel over 1,000 miles away, and hitting it square between the eyes.

  • martinusv2

    Premium Member
    06 March, 2020 - 12:02 pm

    Only Gen10 chips are not affected. Like Steve Gibson used to say: "It's the gift that keeps on giving."

  • chaad_losan

    06 March, 2020 - 12:49 pm

    And the hits just keep on coming!

  • rm

    06 March, 2020 - 2:30 pm

    In reply to MikeGalos:
    I guess we haven't virtualized enough yet!

  • harmjr

    Premium Member
    06 March, 2020 - 3:09 pm

    So this is how 007 Bond breaks into the top-secret office, pops in a USB drive and magically downloads all the data. Of course, right before being caught and tortured…

  • illuminated

    06 March, 2020 - 3:31 pm

    Physical access is needed. Better have a device with the lowest repairability score.

  • BizTechSherpa

    06 March, 2020 - 4:28 pm

    I now use an iPad as my primary mobile device, so much of my day is on that. But I also have a Mac Pro 2013 ("Trash Can") at home, and an Intel NUC at the office. Problem is, everything is in the cloud via OneDrive, O365, etc., so I am 2/3 vulnerable.

    • Stooks

      06 March, 2020 - 8:18 pm

      In reply to BizTechSherpa:
      Your post makes no sense at all. Please tell us you have MFA turned on for O365???

      Does anyone have physical access to your Intel-based computers??? Oh, and they would need to be logged in.

      • youwerewarned

        06 March, 2020 - 10:50 pm

        In reply to Stooks:
        Login NOT required…this issue arises WAY before that point in the boot process.

  • Allen Markham

    06 March, 2020 - 5:09 pm

    To some extent, finding vulnerabilities on Intel chips reminds me of the ongoing attempts to "jailbreak" iPhones – though, of course, for the most part, jailbreaking is not malicious but just a way of making iPhones work the way the user wants. It finds vulnerabilities in chips and exploits them until the manufacturer fixes the chip.

  • youwerewarned

    06 March, 2020 - 10:51 pm

    Anything can be compromised with unrestrained direct physical access. Yet another reason to pull motherboard manufacturing out of China. That this will not happen proves we're all too cheap (users) and/or greedy (manufacturers) to actually care.

  • Daekar

    09 March, 2020 - 7:37 am

    Not that this isn't something that needs fixing, but I am starting to feel the fatigue on this kind of thing. At this point, it's feeling like security just isn't something that you can buy anymore.

    • nbplopes

      10 March, 2020 - 3:46 am

      In reply to Daekar:
      One could never buy absolute security. I'm more tired of subliminal messages telling me I am insecure and need to buy something to fix it.

      I bet both ARM and AMD have undiscovered holes.


Thurrott © 2024 Thurrott LLC