In its report, Intel explained that the error occurs in the Intel Management Engine (ME), where an attacker could execute a malicious code and thus access privileged information and, if desired, take control of the computer. The failure is present in computers manufactured, approximately, from 2015 onwards. Intel recognized that the vulnerability affects the Intel Core of sixth, seventh and eighth generation, Pentium, Celeron N and J, Atom of the E3900 and C3000 series, and several of the Xeon family. Most discovered vulnerabilities require physical access to the computer, except for a case that does allow a remote attack. According to the reports, the vulnerabilities marked with severity level “important” and simply affect the following Intel processors with Intel ME:-
6th, 7th & 8th Generation Intel® Core™ Processor Family Intel® Xeon® Processor E3-1200 v5 & v6 Product Family Intel® Xeon® Processor Scalable Family Intel® Xeon® Processor W Family Intel® Atom® C3000 Processor Family Apollo Lake Intel® Atom Processor E3900 series Apollo Lake Intel® Pentium™ Celeron™ N and J series Processors
Now, below we have mentioned the list of hardware manufacturers those have already released the list of their laptops, desktops, and workstations which are affected by the critical vulnerabilities:-
Dell – 214 models (unpatched) Dell Server – 16 models (unpatched) Lenovo – 222 models (some models patched) Acer – 242 models (unpatched) Fujitsu – 165 models (unpatched) Intel – 34 (unpatched) HPE Server – Unknown (some models patched) Panasonic – 12 (unpatched)
Solution
Intel made available to users a detection tool compatible with Windows and Linux, as well as patches for their NUC and Compute Stick. The most affected manufacturers are Dell, Lenovo and HP, with more than 100 models each as we already mentioned. It is expected that the solution will be distributed in the coming days through an update. So, what do you think about this? Simply share your views and thoughts in the comment section below.
Δ