Intel recommends updating to protect processors against critical vulnerability

DMCA / Correction Notice
- Advertisement -


Researchers found a vulnerability in some Intel processors that allows attackers to access encrypted data and install malicious firmware. When abused, the vulnerability opens the door to breaking through the various security measures on the chip.

- Advertisement -

Intel is already aware of the issue and has advised affected users to download the latest firmware update to protect their systems.

Intel Core i9-11900K
Intel

The vulnerability affects older Intel processors, including the Intel Pentium, Celeron and Atom, which are based on the Gemini Lake, Gemini Lake Refresh and Apollo Lake platforms. Interestingly, it can only be used by hackers in physical possession of the chip – online-only access will not compromise the processor.

advertisement

Because of this security flaw, competent hackers who have the affected chip on hand are allowed to run it in debugging and testing modules that are typically only used by firmware developers. This lets them bypass security measures entirely, including BitLocker and TPM protection, anti-copy blocks, and more.

Accessing developer mode allows the attacker to extract the data encryption key, which is normally stored in the TPM enclave on Intel CPUs. TPM stands for Trusted Platform Module and is a microcontroller used to store keys, digital certificates, passwords and other sensitive data. If the TPM is being used to protect the BitLocker key, then even using the processor in developer mode allows an attacker to breach the back wall of security.

- Advertisement -

On top of gaining access to sensitive data, the hacker would also be able to breach the Intel Management Engine and run unauthorized firmware on the chip. The end result could be permanent access to the chip that could potentially go undetected for an indefinite period of time.

Description of key derivation.
Image credit: Ars Technica

The entire process of gaining access to the processor and overcoming security measures only takes about 10 minutes, meaning people with brief access to the chip could cause a massive security breach in a very short amount of time.

This vulnerability was first discovered by researchers Mark Ermolov, Dmitry Sklyarov and Maxim Goryachi. He reported it to Intel and talked about the vulnerability, revealing further details of the potential breach. Ars Technica Then explained the situation in more detail.

“We found out that you can extract this key from the security fuse. Basically, this key is encrypted, but we also found a way to decrypt it, and it allows us to execute arbitrary code inside the management engine.” BitLocker/TPM key extraction, etc,” Gorichi told Ars Technica.

This isn’t the first time Intel products have been targeted by various hacking attempts. In 2020, the same research team found a potential vulnerability that allowed attackers to decrypt multiple Intel updates. There have also been flaws in Intel Boot Guard and Software Guard Extensions.

Although Intel admits latest discovered vulnerability is dangerous And given it a high severity rating, there have been no reports of users suffering from this security breach. Intel advises owners of affected processors to install only the latest firmware updates to strengthen the security of their CPUs.




- Advertisement -

Stay on top - Get the daily news in your inbox

Recent Articles

Related Stories