Geeks2U Promise
We guarantee you'll love our fast, friendly service - or we'll refund your money.  
133,572 Happy Customers & Counting
Need tech support?
1300 769 448
Extended hours, 7 days a week
Home  /  geekspeak  /  Intel’s latest flaw could put your computer at risk

Intel’s latest flaw could put your computer at risk

Quite often these days when we hear about a major security flaw, it’s to do with the underlying software that we’re running on our PCs, whether it’s a dodgy browser exploit, some kind of flaw in productivity software or even “free” content sites that are awash with malware. It’s not quite so often that we hit underlying issues with the actual hardware that we use every day, but that’s the unfortunate position that hardware giant Intel has found itself in, with a slew of potential high severity exploits affected its recent processor ranges.

This is exceptionally bad news, because the odds are very good that you’ve got at least one product that could bear that iconic “Intel Inside” sticker, whether it’s a Windows laptop, Macintosh desktop or even any number of server or higher end business systems that rely on Intel’s top-tier Xeon processor families.

The flaw affects the underlying architecture that loads well before your operating system does, affecting issues with the Intel Management Engine (ME), Intel Server Platform Services (SPS), and Intel Trusted Execution Engine (TXE). The Management Engine can be used by administrators for maintenance tasks, and it’s essentially a sub-processor that runs its own tiny operating system in order to do so. In order to allow administrators (who should have access, after all), the Management Engine can power up a switched-off PC and run necessary upgrade and checking tasks for an entire fleet of PCs, typically with management technology enabled on the system. Or in other words, it’s usually only a concern for those who run entire fleets of PCs, but it’s not clear if the identified flaws could also be exploited on consumer PCs.

Flaws were also identified in the Trusted Execution Engine, which handles hardware authentication, and also the Server Platform Services, which works in a similar fashion to the ME, but for systems acting as servers. The flaws were identified by external researchers to Intel, and the processor giant then undertook a full audit of those services to check the authenticity of their claims. Sadly, they are vulnerable, at least in theory.

To be specific, Intel has identified that there’s a potential issue with any system running any of the following processors:

  • 6th, 7th, and 8th generation Intel Core Processor Family
  • Intel Xeon Processor E3-1200 v5 and v6 Product Family
  • Intel Xeon Processor Scalable Family
  • Intel Xeon Processor W Family
  • Intel Atom C3000 Processor Family
  • Apollo Lake Intel Atom Processor E3900 series
  • Apollo Lake Intel Pentium Processors
  • Intel Celeron N and J series Processors

If you’re reading that list and figuring that maybe you have an Intel-based system, but wouldn’t know a Celeron from a stick of celery, help is at hand. Intel has released a detection tool for Windows/Linux users to help identify if they’re running on a system with the flaw, as well as guidance on how to update the firmware to close off the security hole, which you can find here.

From what’s been announced so far, the one bit of good news is that Intel-based Macs don’t seem to be affected, but even there, it’s wise to keep ahead of any security alerts and keep your system up to date. It’s always going to be a cat and mouse game, and nobody wants their system to be the unlucky mouse.

Share

Recent News

I’m old enough to remember the days when you’d buy a roll of film, put it into a camera and take pictures that you never really “saw” until you’d taken them to a specialist processing store (often a chemist) and paid for their printing. Some were great, most were ordinary, and almost inevitably somebody would… More 

A little TLC — or a willingness to run some simple hacks — can make a big difference in how long your computing hardware will last. I was reminded of this recently while visiting a relative of mine who asked if I could help fix up her shaky Skype connection, and especially the audio levels… More 

Microsoft had been promising for some time that its latest large scale update to the Windows 10 operating system would arrive in October — and went so far as to simply call it the “Windows 10 October 2018 update”, as if to prove the point. At its event to launch its new range of Surface… More 

Apple has recently updated its desktop operating system, macOS to version 10.14, better known as “macOS Mojave”. If you’re curious, after years of naming its operating systems after large felines, it switched a few years back to California landmarks. The upgrade to macOS Mojave is one that you should be prompted to make if you’ve… More