Skip to main content

Three generations of Intel processors are vulnerable to management engine bug

Intel
Image used with permission by copyright holder
It’s rare that the kids, parents, and grandparents are affected by any one problem, but that’s exactly what’s happened with the case of the recently discovered Management Engine bug in Intel processors. The exploit, which makes it possible for the remote takeover of a system, affects not only the latest, eighth generation of Intel CPUs, but the seventh and sixth generations as well (even the best ones).

But this bug doesn’t stop there. On top of affecting almost all desktop and laptop systems sold with Intel hardware since 2015, Xeon processor lines like the E3-1200 v5 and V6 are affected too. As Ars Technica points out, this bug also hits the Atom range of C3000 processors, the E3900 series for Internet of Things devices, and the Apollo Lake Pentium and Celeron N and J series processors.

The problem in Intel’s Management Engine (ME) firmware actually enables four different potential exploits, with different versions of the ME affected by different ones. The most severe bug was discovered by researchers in the latest version of the firmware; it allows remote code execution, which potentially allows the takeover of an entire system without having access to the hardware.

Other, somewhat less serious exploits, make it possible to cause system crashes or instability, and to access privileged information about the system.

Despite the widespread nature of the bug(s), there isn’t much consumers can do about it as of yet. Intel has released a detection tool to find out if your system is one of those vulnerable to its effects, with options for a command-line interface and a more consumer-friendly general user interface option. Both highlight what hardware and software your system is running and whether you may be vulnerable to this newly discovered flaw.

If you know or suspect you are affected, the best advice Intel is offering, for now, is to keep an eye on your motherboard or system manufacturer’s website and update your drivers and firmware as and when you can. Lenovo is expected to get an update out by November 23. Dell has confirmed that some 100 of its systems are affected by this bug, though it hasn’t given a time frame for when its firmware update will be released.

Jon Martindale
Jon Martindale is the Evergreen Coordinator for Computing, overseeing a team of writers addressing all the latest how to…
Intel may have been right about killing Hyper-Threading after all
A Core i9-12900KS processor sits on its box.

Intel is getting rid of one of the features that has defined most of the best processors for more than a decade -- Hyper-Threading. It's the branded name Intel uses for simultaneous multi-threading, or SMT, and the company has already confirmed it won't use SMT on its upcoming Lunar Lake mobile CPUs. Rumor has it the company is also ditching SMT for its Arrow Lake desktop CPUs. Surprisingly, according to new leaks, killing SMT might have been the right call after all.

A handful of benchmarks have leaked for Arrow Lake CPUs. Starting off, the Core Ultra 7 265K and Core Ultra 9 285K both popped up in the Geekbench 6 database. The flagship Core Ultra 9 is a 24-core part, and it achieved a score of 21,075 in Geekbench 6's multi-core test. That's slightly above what you'll see with the Ryzen 9 9950X and on-par with the Core i9-14900K, both of which come with 32 threads due to SMT.

Read more
This next CPU generation is starting to feel skippable for gamers
The AMD Ryzen 5 9600X between two finger tips.

The two most exciting PC components to upgrade are the graphics card and the processor. We haven't seen next-gen graphics cards yet, and we're unlikely to see them this year, but both Intel and AMD have released (or will release) new processors. However, this generation of CPUs is quickly turning out to be the one to skip.

With AMD Ryzen 9000 series already here, and with Intel Arrow Lake-S on the imminent horizon, you'd think that gamers would be lining up to upgrade. But as a gamer, I haven't felt less excited about a generation of CPUs in quite a long time.
Ryzen 9000 barely makes a difference

Read more
Intel Arrow Lake gets possible pricing and release date
Intel CEO Pat Gelsinger presents Intel's roadmap including Arrow Lake, Lunar Lake, and Panther Lake.

We haven't even gotten an official release date for Intel Arrow Lake, but the one we know of is already being pushed back. Many leaks pointed to an October 10 release, but now, one source claims that Intel won't launch its next-gen top desktop processors until October 24. This only applies to the K and KF-series CPUs -- the non-K variants won't arrive until much later. We've also gotten a peek at some of the possible pricing.

Fortunately, the delay doesn't appear to be major. According to HKEPC on X (formerly Twitter), the launch of Intel Arrow Lake-S has now been pushed back from October 17 to October 24. This is somewhat inconsistent with previous leaks, but not really -- it appears that Intel had always planned to announce Arrow Lake on October 10, with availability starting on October 17. Now, we might still hear about the CPUs on October 10, but they won't appear on the shelves until two weeks later.

Read more