One more. Already in recent times the vulnerabilities discovered in Intel processors are sequential, and it is something that affects the image of corruption. More now, when researchers say this new vulnerability has no solution.
Intel's new vulnerability
Discovered by Positive Technologies researchers, this interruption affects all Intel processes made over the past five years In addition to the tenth-generation Intel Core, Ice-Point chipsets and SoCs. In addition, they have determined that even if the latest version of the firmware is available, the risk is still there, so it is currently uninspired and, they say, will not be resolved.
Risk affects the system Converted Security and Control Engine (CSME), which acts as a small CPU inside the processor that accesses all the data that goes in and leaves it, and is dedicated to the security of the entire SoC. The CSME program is a kind of "black box" that searches all the processor details to avoid the same details being followed by other manufacturers.
Specifically, the vulnerability affects the CSME ROM, and since it's embedded in the CPU itself, it cannot be resolved with a simple firmware update. Positive Technologies researchers described it as follows:
“Unfortunately there is no comprehensive safety plan. Like all security builds, Intel had one weakness: the boot ROM. Being vulnerable to the first stage of the ROM allows control of the readout of the Chipset buttons and the generation of all the other encryption keys that follow. One of these keys is Unity Control Code (ICVB), and with this button an attacker can lie in the code of any Intel CSME firmware module so that true checks are not available. It's the same as violating the digital signature's secret key ».
Your processor may be affected, but you need not worry
As we expected earlier, all the Intel executives made in the last five years, except for the tenth generation, are affected. The only solution that would be, as you would imagine, is to expand the platform to a tenth-generation processor, but it should not be a surprise because a good part of this risk is that as it affects the processor-installed ROM, its violation is unlikely to be long.
This means that in order for a hacker to exploit this vulnerability, Intel processors must have physical access to it, it is undeniable that it can be exploited remotely. Therefore, and although it is a very serious matter, we can remain calm about it.
