Skip to main content

Digital Trends may earn a commission when you buy through links on our site. Why trust us?

Intel recommends updating to protect processors against critical vulnerability

Researchers found a vulnerability in some Intel processors that allows attackers to access encrypted data and install malicious firmware. When abused, the vulnerability opens the door to break through various security measures on the chip.

Intel is already aware of the issue and advised affected users to download the latest firmware update in order to protect their systems.

intel core i9-11900K
Intel

The vulnerability affects older Intel processors, including Intel Pentium, Celeron, and Atom, which are based on the Gemini Lake, Gemini Lake Refresh, and Apollo Lake platforms. Interestingly, it can only be exploited by hackers in physical possession of the chip — online-only access will not compromise the processor.

Due to this security flaw, capable hackers who have the affected chip on hand are allowed to run it in debugging and testing modules that are normally only used by firmware developers. This lets them completely bypass security measures, including Bitlocker and TPM protection, anti-copying blocks, and more.

Accessing developer mode allows the attacker to extract the data encryption key, which on Intel CPUs is normally stored in the TPM enclave. TPM stands for Trusted Platform Module and is a microcontroller used for storing keys, digital certificates, passwords, and other sensitive data. If TPM is being used to protect a Bitlocker key, using the processor in developer mode also lets the attacker breach that final wall of protection.

On top of gaining access to sensitive data, the hacker would also be able to breach the Intel Management Engine and run unauthorized firmware on the chip. The end result could be permanent access to the chip that could potentially go undetected for an undetermined amount of time.

A description of key derivation.
Image credit: Ars Technica Image used with permission by copyright holder

The entire process of gaining access to the processor and overcoming security measures takes just 10 minutes, which means that those with brief access to the chip are able to potentially cause a massive security breach in a very short time.

This vulnerability was first discovered and reported by researchers Mark Ermolov, Dmitry Sklyarov, and Maxim Goryachy. They reported it to Intel and talked about the vulnerability, revealing further details of the possible breach. Ars Technica then reported the situation in more detail.

“We found out that you can extract this key from security fuses. Basically, this key is encrypted, but we also found a way to decrypt it, and it allows us to execute arbitrary code inside the management engine, extract Bitlocker/TPM keys, etc.,” Goryachy told Ars Technica.

This isn’t the first time Intel products have been targeted by various hacking attempts. In 2020, the same research team found a possible vulnerability that allowed attackers to decrypt several Intel updates. There have also been flaws in the Intel Boot Guard and Software Guard Extensions.

Although Intel admits that the latest discovered vulnerability is dangerous and gave it a high severity rating, there have been no reports of users suffering from this security breach. Intel advises the owners of affected processors to simply install the latest firmware update in order to reinforce the security of their CPUs.

Monica J. White
Monica is a UK-based freelance writer and self-proclaimed geek. A firm believer in the "PC building is just like expensive…
Intel CPU gaming crashes are causing an uproar
Intel Core i9-13900K held between fingertips.

Some of Intel's best CPUs may be having stability issues in Unreal Engine 4 and 5 games. According to reports from frustrated users, CPUs like the Core i9-13900K or the Core i9-14900K run into shader compilation issues in certain games, resulting in crashes. The community found a fix that seems to work for most people, but it's more of a workaround than a real solution.

Reports about these problems have been flooding various Steam forums and Reddit communities for months afterSebastian Castellanos on X (formerly Twitter) brought them to light. It appears that people are experiencing these problems primarily in UE4/5 games. During the initial shader compilation stage, the game crashes to desktop. Affected titles include Hogwarts Legacy, Fortnite, Remnant 2, Nightingale, and more.

Read more
A major era in Intel chip technology may be coming to an end
An Intel processor over a dark blue background.

Intel's next-generation Arrow Lake chips are said to be coming out later this year, but we don't know much about them just yet. However, a new leak shows us that two crucial features may be missing from the next-gen CPU lineup: hyperthreading and support for the AVX-512 extension. If Intel is ditching hyperthreading, it's not entirely unexpected, but it might make it trickier for even its best processors to beat AMD.

Hyperthreading allows physical cores in Intel processors to perform two tasks simultaneously, improving efficiency and performance in multi-threaded applications. Intel first introduced it in 2002, but it hasn't used the technology in every generation of its CPUs between then and now. The tech was all but gone from client processors for many years following its launch, although it was still present in certain models. Since then, Intel has selectively implemented HT across its product stack. In the last few years, it became a staple, especially in midrange and high-end chips.

Read more
Intel’s CPUs just got way more confusing
Intel Core i5-14600K processor inside its socket.

Intel announced a slew of new processors during CES 2024, including mobile and desktop CPUs and the new Intel Core Series 1 made for thin-and-light laptops. Some are destined to make the list of the best processors, but Intel's naming conventions are only getting more confusing, with machines sporting both its old naming convention and the new Core Ultra rebrand in 2024.

Starting with the Intel Core HX series, Intel is introducing five new CPUs made for gamers and creators, starting with the high-end Intel Core i9-14900HX, followed by the Core i7-14700HX, the Core i7-14650HX, the Core i5-14500HX, and lastly, the Core i5-14450HX. The top chip in the lineup sports a whopping 24 cores and 32 threads.

Read more