Intel chips give access to Active Management without a code

A critical vulnerability in Intel chips discovered nearly a decade ago allows hackers to gain complete control Windows affected without needing a password.

The vulnerability revealed by Intel and marked as critical last week is Intel's Active Management feature (also known as AMT), which allows administrators to remotely run computers. intel

AMT also allows the administrator to remotely control the keyboard and mouse of the computer, even if the computer is off.

AMT is also accessible through the browser even when the remote computer is on . It is protected by a password set by the administrator.

Το πρόβλημα είναι ότι ένας hacker μπορεί να εισάγει έναν κενό κωδικό πρόσβασης και να αποκτήσει πλήρη δικαιώματα στην κονσόλα ιστού, σύμφωνα με ανεξάρτητες τεχνικές αναλύσεις από εργαστήρια έρευνας ασφαλείας.

The of Embedi, who found the , they explained in one white paper published on Friday that the defect exists because the default "admin" account for the web interface can be logged in without the user passwords.

Intel has so far not mentioned how many systems are affected.

However, a search in Shodan, the search for open ports and databases, shows that more than 8.500 devices are currently vulnerable, with 3.000 in the US alone. But there could be thousands of other compromised devices on internal networks.

In a statement, Intel said it was working with partners to address the issue and "expects officials to make updates available from the beginning of the week on May 8."

So far, the DellThe FujitsuThe HP, And the Lenovo have issued safety tips with instructions on when to fix the vulnerability. Consumer devices are not affected by the error.

Intel also published one tracking tool to determine if your systems are affected.

iGuRu.gr The Best Technology Site in Greecefgns

every publication, directly to your inbox

Join the 2.100 registrants.

Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).