Intel AMT firmware suffers security flaw even when machines are off

8th gen intel core launch
Another security vulnerability has been revealed that poses a significant risk for a number of PCs running Intel chipsets or processors. This one’s a bit different — and potentially more dangerous — than many other vulnerabilities in that it targets business-class systems in particular. It can also affect machines that aren’t even running.

The flaw, which exists in certain Intel chipset firmware versions utilized by some systems with vPro processors, affects the Active Management Technology, or AMT, feature. AMT lets administrators manage machines via remote connections, and the vulnerability allows attackers to bypass authentication and utilize the same capabilities, Ars Technica reports.

AMT is a part of the remote access features of some systems that allow remote access to a machine even when it’s shut down. As long as such a machine has power, it can by design be accessed with all the intended remote capabilities enabled.

Intel designed AMT to demand a password before allowing remote access via web browser. Unfortunately, the flaw allows attackers to bypass the AMT system’s usual authentication requirement. Tenable Network Security, which has created what it characterizes as the first Intel AMT vulnerability detection capability, describes the flaw as follows:

” … we reduced the response hash to one hex digit and authentication still worked. Continuing to dig, we used a NULL/empty response hash (response=”” in the HTTP Authorization header). Authentication still worked. We had discovered a complete bypass of the authentication scheme.”

As Ars Technica points out, the issue is made even worse by the AMT feature’s design, in which network traffic is passed through the Intel Management Engine and to the AMT, bypassing the operating system. That means that there’s no record of unauthorized access.

Intel indicated in a blog post that PC manufacturers should be releasing patches for affected systems within the week. It also posts a tool to locate and diagnose vulnerable systems. Fujitsu, HP, and Lenovo have provided information on their own affected systems. So far, the Shodan security search engine has located more than 8,500 machines that are vulnerable to attack.

Updated on 5-10-2017 by Mark Coppock: Clarified that the flaw exists in certain chipset firmware and not inherent in Intel vPro processors and removed the incorrect reference to any empty text field being able to bypass AMT authentication.

Emerging Tech

In a first for humankind, China is growing plants on the moon

Having recently landed a probe on the far side of the moon, China announced that it managed to grow the first plant on the moon, too. Here's why that matters for deep space travel.
Cars

Bose introduces QuietComfort Road Noise Control tech for cars at CES 2019

If you find road noise annoying and tiresome at highway speeds, Bose introduced QuietComfort Road Noise Control (RNC) active sound managment technology at CES 2019 to help quiet your world when you travel in cars, trucks, and SUVs.
Social Media

Instagram now lets you post to multiple accounts in one tap

Instagram for iPhone now lets you post to multiple accounts at the same time. It's not the regram feature that many users have been asking for, but it could prove useful for some users who manage more than one profile.
Cars

2020 Ford Explorer is aimed at being a smarter, sportier family hauler

The redesigned 2020 Ford Explorer boasts new features like a 10.1-inch portrait touchscreen and off-road-oriented Terrain Management System. It debuts at the 2019 Detroit Auto Show, and goes on sale this summer.
Computing

Still miss Windows 7? Here's how to make Windows 10 look more like it

There's no simple way of switching on a Windows 7 mode in Windows 10. Instead, you can install third-party software, manually tweak settings, and edit the registry. We provide instructions for using these tweaks and tools.
Computing

Lost your router? Here's how to find its IP address to help track it down

Changing the login information for your router isn't always easy, that's why so many have that little card on the back. But in order to use it, you need to know where to go. Here's how to find the IP address of your router.
Computing

Our favorite Windows apps will help you get the most out of your new PC

Not sure what apps you should be downloading for your newfangled Windows device? Here are the best Windows apps, whether you need something to speed up your machine or access your Netflix queue. Check out our categories and favorite picks.
Computing

Is it worth spending more for the Surface Pro, or is the Surface Go good enough?

The Surface Go versus Surface Pro -- which is better? While the higher price tag of one might make you think it's an easy choice, a deeper dive into what each offers makes it a closer race than you might assume.
Computing

Pinning websites to your taskbar is as easy as following these quick steps

Would you like to know how to pin a website to the taskbar in Windows 10 in order to use browser links like apps? Whichever browser you're using, it's easier than you might think. Here's how to get it done.
Computing

Stop your PC's vow of silence with these tips on how to fix audio problems

Sound problems got you down? Don't worry, with a few tweaks and tricks we'll get your sound card functioning as it should, and you listening to your favorite tunes and in-game audio in no time.
Computing

Yes, Android apps can run on your PC, and it's easier than you think

Wish you knew how to run Android apps in Windows? It's easier than you might think and there are a number of different ways to do it. In this guide, we break down the steps so you can follow along with ease.
Computing

Don't spend hundreds on Pro Tools or Logic. Try one of these free alternatives

Believe it or not, Pro Tools isn't the only digital audio workstation worth your time. Check out our picks for the best free recording software, whether you're looking for a lightweight app or a full-blown audio workstation.
Computing

How to share an external hard drive between Mac and Windows

Compatibility issues between Microsoft Windows and Apple MacOS may have diminished sharply over the years, but that doesn't mean they've completely disappeared. Here's how to make an external drive work between both operating systems.
Computing

Should you buy the affordable MacBook Air, or is the MacBook Pro worth the price?

Though they both share Retina Displays and similar keyboards, there are still some specs differences and other changes that differentiate the new 2018 MacBook Air and MacBook Pro. In this guide, we stack the two up against each other.