Intel ME Vulnerabilities

Name
Email
Subject
Comment *
File	Select/drop/paste files here
* = required field	[▶ Show post options & limits] Confused? See the FAQ.

Flag
Oekaki	Show oekaki applet (replaces files and can be used instead)
Options	Do not bump (you can also write sage in the email field) Spoiler images (this replaces the thumbnails of your images with question marks)
Password	(For file and post deletion.)
Allowed file types:jpg, jpeg, gif, png, webm, mp4, pdf Max filesize is 16 MB. Max image dimensions are 15000 x 15000. You may upload 3 per post.

File (hide): 2b3fd01918355a5⋯.png (9.36 KB, 586x387, 586:387, intel-logo.png) (h) (u)

▶Intel ME Vulnerabilities Anonymous 11/21/17 (Tue) 11:29:07 No.825551>>825552 >>825555 >>825594 >>825646 [Watch Thread][Show All Posts]

So, this happened

https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00086&languageid=en-fr

▶Anonymous 11/21/17 (Tue) 11:34:42 No.825552

>>825551 (OP)

Put it in the OP you flaming faggot, I'm not going to click your links.

▶Anonymous 11/21/17 (Tue) 11:40:58 No.825555>>825557

>>825551 (OP)

>no archive link.

Could you at least summarize everything what it's all about.

▶Anonymous 11/21/17 (Tue) 11:48:06 No.825557

File (hide): 3d5710e654f598e⋯.png (138.81 KB, 1024x768, 4:3, ClipboardImage.png) (h) (u)

>>825555 (checked)

Not OP, but...

>In response to issues identified by external researchers, Intel has performed an in-depth comprehensive security review of its Intel® Management Engine (ME), Intel® Trusted Execution Engine (TXE), and Intel® Server Platform Services (SPS) with the objective of enhancing firmware resilience.

>As a result, Intel has identified several security vulnerabilities that could potentially place impacted platforms at risk. Systems using ME Firmware versions 11.0/11.5/11.6/11.7/11.10/11.20, SPS Firmware version 4.0, and TXE version 3.0 are impacted.

>https://archive.fo/q98xo

>https://archive.fo/2017.11.20-214805/https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00086&languageid=en-fr

▶Anonymous 11/21/17 (Tue) 11:54:34 No.825559>>825609

File (hide): aaa06ee35429f52⋯.webm (4.85 MB, 1920x1080, 16:9, hackingintensify.webm) (h) (u) [play once] [loop]

>Affected products:

> 6th, 7th & 8th Generation Intel® Core™ Processor Family

> Intel® Xeon® Processor E3-1200 v5 & v6 Product Family

> Intel® Xeon® Processor Scalable Family

> Intel® Xeon® Processor W Family

> Intel® Atom® C3000 Processor Family

> Apollo Lake Intel® Atom Processor E3900 series

> Apollo Lake Intel® Pentium™

> Celeron™ N and J series Processors

>Based on the items identified through the comprehensive security review, an attacker could gain unauthorized access to platform, Intel® ME feature, and 3rd party secrets protected by the Intel® Management Engine (ME), Intel® Server Platform Service (SPS), or Intel® Trusted Execution Engine (TXE).

>This includes scenarios where a successful attacker could:

>Impersonate the ME/SPS/TXE, thereby impacting local security feature attestation validity.

>Load and execute arbitrary code outside the visibility of the user and operating system.

>Cause a system crash or system instability.

>For more information, please see this Intel Support article

Recommendations:

>The following CVE IDs are covered in this security advisory:

>Intel® Manageability Engine Firmware 11.0.x.x/11.5.x.x/11.6.x.x/11.7.x.x/11.10.x.x/11.20.x.x

TOP WEW

▶Anonymous 11/21/17 (Tue) 13:09:39 No.825587

please install even more botnet so we can fix the existing botnet.

how many of these firmware patches are going to limit your ability to use me_cleaner?

▶Anonymous 11/21/17 (Tue) 13:22:55 No.825594

>>825551 (OP)

$300M OF DIVERSITY

▶Anonymous 11/21/17 (Tue) 13:25:25 No.825596>>825606 >>825623

Minix is a teaching OS and is fucking garbage. What did anyone expect?

▶Anonymous 11/21/17 (Tue) 13:56:13 No.825606>>825611

>>825596

Not only is that opinion non-sequitur, your opinion is simply false.

▶Anonymous 11/21/17 (Tue) 14:02:56 No.825609>>825610 >>825646

>>825559

>6th, 7th & 8th Generation Intel® Core™ Processor Family

how many years back is that?

▶Anonymous 11/21/17 (Tue) 14:05:17 No.825610

>>825609

Skylake, Kaby Lake and Coffee Lake, ergo 2015-now.

▶Anonymous 11/21/17 (Tue) 14:06:34 No.825611

>>825606

imo Tanenbaum gets an F.

▶Anonymous 11/21/17 (Tue) 14:09:40 No.825612

Yeah but who wasn't expecting this was going to happen? Anyway it just confirms my decision to avoid Intel/AMD forever, no matter what they say they're gonna do.

▶Anonymous 11/21/17 (Tue) 14:43:26 No.825623>>825740

>>825596

MINIX3 is NOT a teaching OS.

▶Anonymous 11/21/17 (Tue) 15:07:50 No.825631

Just gonna leave this here. It's guides and stuff on how to reflash the coreboot on chromebooks, getting rid of the included depthcharge and allowing for the removal of ChromeOS. Many Chromebooks are ARM-based, so by degoogling them through a firmware reflash and installation of regular GNU/Linux, this may be a way out.

https://www.coreboot.org/Chromebooks

https://docs.google.com/presentation/d/1eGPMu03vCxIO0a3oNX8Hmij_Qwwz6R6ViFC_1HlHOYQ/edit#slide=id.p

▶Anonymous 11/21/17 (Tue) 16:12:13 No.825644>>825719

File (hide): 699096c7036f940⋯.jpg (35.91 KB, 631x591, 631:591, j.jpg) (h) (u)

>tfw core 2 duo

▶Anonymous 11/21/17 (Tue) 16:14:17 No.825646

>>825609

all systems with ME 11

I bet similar exploits exist for pre-11 versions of the ME but the public won't ever find out about them

>>825551 (OP)

>Buffer overflow in Active Management Technology (AMT) in Intel Manageability Engine Firmware 8.x/9.x/10.x/11.0/11.5/11.6/11.7/11.10/11.20 allows attacker with remote Admin access to the system to execute arbitrary code with AMT execution privilege.

prepare for the next generation of botnets if this can be chained with the recent AMT auth bypass

▶Anonymous 11/21/17 (Tue) 16:39:54 No.825657>>825658

File (hide): a3fe7ee2aa2a9a9⋯.png (509.77 KB, 680x790, 68:79, hummel_beard.png) (h) (u)

WINRAR

attempted translate:

"For me Epi extreme Prio, because see picture (after 2 days off-the-bar-shave)"

▶Anonymous 11/21/17 (Tue) 16:40:15 No.825658

>>825657

fuck wrong thread

▶Anonymous 11/21/17 (Tue) 18:54:59 No.825719

>>825644

Pre-Sandy Bridge CPUs are vulnerable to the memory sinkhole exploit, which is effectively the same as compromising IME (BIOS reflashing included), though you need root or a kernel exploit to use it.

▶Anonymous 11/21/17 (Tue) 19:38:58 No.825740>>826004

>>825623

>it's not a teaching OS

>it's just hopelessly shit and buggy

▶Anonymous 11/22/17 (Wed) 01:56:33 No.825885>>826029

Thank you for the direct links to intel anon. How very kind of you. Good job with the extremely detailed OP as well.

▶Anonymous 11/22/17 (Wed) 07:35:07 No.825990>>825993

> Intel has released a downloadable detection tool

>only Windows and Linux(sic)

What to do if you're on macOS?

▶Anonymous 11/22/17 (Wed) 07:40:45 No.825993>>826018

>>825990

Good point, what if Apple uses some weird proprietary Platform Controller Hub and thus has a non-compliant or even nonexistent Intel ME implementation? You still need to go through Bootcamp to boot into a non-Apple OS after all

▶Anonymous 11/22/17 (Wed) 08:07:17 No.826004>>826085

>>825740

It's not shit nor buggy. Have you ever used MINIX3, or do you parrot shit you read elsewhere as fact?

▶Anonymous 11/22/17 (Wed) 08:42:58 No.826018

>>825993

>You still need to go through Bootcamp to boot into a non-Apple OS after all

I've heard it's not necessary, at least for Ubuntu.

Also, a very long time ago I've booted Win8.1 from USB flash drive on a macbook (it was "installed" there beforehand in a VM) and it also didn't need anything special to boot, only drivers for vidya and shit.

▶Anonymous 11/22/17 (Wed) 08:59:42 No.826029>>826086

>>825885

Why on earth would you need an archive link for Intel's website?

▶Anonymous 11/22/17 (Wed) 12:24:12 No.826085>>826102

>>826004

>it's not shitty nor buggy

>it's just got a lot of buffer overflows leading to ring -2 exploits

▶Anonymous 11/22/17 (Wed) 12:24:45 No.826086

>>826029

Archive everything you faggot.

▶Anonymous 11/22/17 (Wed) 12:46:40 No.826102>>826160

>>826085

>intel modify tons of code, implement the OS at ring -3

>Tanenbaum's fault

Get fucked, moron.

▶Anonymous 11/22/17 (Wed) 14:37:58 No.826160>>826184

File (hide): 8882ba01ffb9c89⋯.png (18.28 KB, 913x107, 913:107, F.png) (h) (u)

>>826102

I don't know who Jewed you into believing MINIX3 wasn't shit, but open your fucking eyes, anon.

▶Anonymous 11/22/17 (Wed) 15:11:58 No.826177>>826733

>being surprised

The whole point of ME and UEFI was to have vulnerabilities there. Intel sells them to NWO, CIA, MOSSAD, NSA, jews

But sometimes some hackers find them out and use them or blackmail intel with them. In that case Intel fixes this one and introduces some other (or already have many spare).

Now even if you are using GNU LINUX, it doesn't matter as ME and UEFI vulnerability will work on your PC too. You and your Linux does not have control over your PC.

▶Anonymous 11/22/17 (Wed) 15:23:19 No.826184>>826241

>>826160

Oh no, a relatively new, and tremendously improved system is marginally slower than the older one (thanks to safe user-mode drivers over in-kernel drivers)... Even though MINIX3 provides massive security increase, self-healing capability and fault-tolerance, with a demonstrably better kernel and userland, you have to insist MINIX 3 is shit because you dug yourself a hole.

▶Anonymous 11/22/17 (Wed) 17:38:21 No.826241

>>826184

t. Tanenbaum

▶Anonymous 11/23/17 (Thu) 17:54:09 No.826733>>826742

>>826177

that was just a conspiracy theory

now we have proof it's insecure

▶Anonymous 11/23/17 (Thu) 18:26:32 No.826742

>>826733

This isn't news that it's exploitable. The memory sinkhole bug came out several years ago. Kaspersky also found HD firmware malware - granted that's not cpu bug, but it shows you the danger of the closed firmware on anything.

/tech/ - Technology★

General

WebM

Theme

User JS

Do not paste code here unless you absolutely trust the source or have read it yourself!

Favorites

Customize Formatting

Filters