Security researchers say they've found a way to exploit Intel's accident-prone Management Engine, and will reveal the problem at Black Hat Europe in December.
Positive Technologies researchers say the exploit “allows an attacker of the machine to run unsigned code in the Platform Controller Hub on any motherboard via Skylake+”.
Intel Management Engine (ME), a microcontroller that handles much of the communication between the processor and external devices, hit the headlines in May 2017 due to security concerns regarding the Active Management Technology (AMT) that runs on top of the engine.
It later emerged that AMT had a simple authentication error: an attacker could login with an empty password field.
For those whose vendors haven't pushed a firmware patch for AMT, in August Positive Technologies discovered how to switch off Management Engine.
El Reg expects a lot of users who skipped the ME “kill switch” in the last month are about to have a change of mind, once they read this abstract ahead of Black Hat Europe.
The Positive Technologies researchers say they'll demonstrate a pwn-everything exploit for Management Engine.
The company's researchers Mark Ermolov and Maxim Goryachy discovered is that when Intel switched Management Engine to a modified Minix operating system, it introduced a vulnerability in an unspecified subsystem.
Because ME runs independently of the operating system, a victim's got no way to know they were compromised, and infection is “resistant” to an OS re-install and BIOS update, Ermolov and Goryachy say.
Black Hat Europe commences on December 4th, in London. ®