Skip to main content

Researchers find vulnerability in older versions of Intel ME, but you probably don't need to worry

8th gen intel core launch building 01
Image used with permission by copyright holder
According to security researcher Damien Zammit, there’s possibility that computers based on recent x86-based processors from Intel could be unknowingly compromised. The good news, however, is that there’s no known exploit currently in use, so don’t panic just yet.

Most general consumers purchasing Intel-based desktops and laptops have no clue that a special 32-bit ARC microprocessor is built inside Intel’s supporting motherboard chipset. It’s part of the Intel Management System (ME), and acts like a standalone, independent “computer” that controls the Intel x86 processor. Its main focus is big enterprise deployments, so that multiple systems can be managed remotely.

That said, ME is invisible in regards to the overall system setup, and in some cases includes Intel’s Active Management Technology (AMT) so that it can continue to perform no matter what operating system is installed. Thanks to AMT, the ME system can sneak past the x86 Intel processor and access any region of the system memory. It also runs its own TCP/IP server, which is capable of bypassing an installed firewall to send and receive packets. The ME system cannot be disabled by the installed operating system or x86-based firmware, especially on systems that are newer than the Intel Core 2 processor series.

Thus, because Intel-based systems essentially depend on ME to boot, the ME firmware is verified by a boot ROM that’s secretly embedded in the Intel chipset. This process matches the public key’s SHA256 checksum with one provided by the factory, and then verifies the RSA signature of the firmware payload, a process that can’t be bypassed. The ME firmware is cryptographically protected with RSA 2048. If the ME firmware is not present or somehow becomes corrupted, the system will either shut down right after booting, or will refuse to boot altogether.

So, the big stink regarding Intel’s ME system is that researchers reportedly managed to exploit weaknesses in the firmware, enabling them to take partial control of ME installed on early platforms. That means there’s a possibility that attackers can slip under the radar and use a rootkit to quietly gain administrative access to an Intel-based computer. But this possibility is theoretical, and the research only applies to an older version of Intel ME.

“Personally, I would like if my ME only did the most basic task it was designed for, set up the bus clocks, and then shut off,” writes Damien Zammit. “This way, it would never be able to talk out of the network card with some of my personal data.”

At its heart, this controversy is about a difference in opinion about security best practices. Intel’s ME takes a locked-down approach. Only the company knows how it works. That makes it harder to attack, but it also makes it harder to mitigate the possible damage of an attack, and means there’s no way to know — for sure — how it’s working. Zammit supports an open-sourced approach. He believes its “inevitable” that ME will fall to an exploit, and once that happens, it’ll be open season on Intel machines.

However, it’s worth noting that open-source security has a rocky track record of its own. The infamous “Heartbleed” bug, which made it possible to steal information out of the secured OpenSSL protocol, is a good example. In other words, Zammit’s idea that Intel ME would be better off if Intel let others know about its details is an opinion, not a fact.

So, if you have an Intel processor, don’t worry. There’s no known exploit being used at this time. And not all Intel processors have the chip — only those that support vPro functionality include it.

Kevin Parrish
Former Digital Trends Contributor
Kevin started taking PCs apart in the 90s when Quake was on the way and his PC lacked the required components. Since then…
Apple has a chance to fix Mac gaming for good in 2024
Lies of P being played on an iMac.

Looking back, 2023 was a banner year for Mac gaming. As a gamer, it feels really surreal to say that, given how disappointing the past has been. But it’s true -- and for the first time in a long time, the sun is shining on Mac gamers.

We’ve had the M3 series of chips with hardware ray tracing, mesh shading, and improved GPUs. On the software side, Apple has built-in tools like Game Mode and a game porting toolkit into macOS. And some massive games have come to the Mac, including Baldur’s Gate 3 and Lies of P.

Read more
The 10 best laptop deals in Best Buy’s 3-Day Sale — from $120
A bird's eye view of a person working on a laptop.

If you missed out on the Black Friday and Cyber Monday sales from a couple of weeks ago, don't worry. Best Buy is having a massive sale that includes many laptops for you to pick from. That includes everything from Chromebooks to gaming laptops and everything in between. That said, there are a lot of choices to pick from, so we've selected our favorite deals below to make it a little bit easier for you and to give you a solid starting point. That said, check out the full Best Buy sale using the button below to see everything available.

Our Favorite Laptop Deal in Best Buy's 3-Day Sale

Read more
The 3 best MacBook deals in Best Buy’s 3-day sale — from $800
An Apple MacBook laptop on a tabletop. There is a potted plant and an AirPods case next to it.

MacBooks can get quite expensive, which is why it's always a good idea to wait for a sale before springing for a new one, although those tend to be rare these days. That said, there are a couple of MacBook deals for you in Best Buy's 3-day sale, so if you've always wanted to pick one up, now is the time. That said, if you'd like to see some options outside of Apple's ecosystem, check out everything Best Buy has to offer using the link below.

Our Favorite MacBook Deal in Best Buy's 3-Day Sale

Read more