A critical vulnerability in the Intel chips discovered nearly a decade ago allows hackers to gain full control of Windows computers that are affected without the need for a password.
The vulnerability revealed by Intel and marked as critical last week is Intel's Active Management feature (also known as AMT), which allows administrators to remotely run computers.
AMT also allows the administrator to remotely control the keyboard and mouse of the computer, even if the computer is off.
AMT is also accessible through the browser even when the remote computer is in sleep mode. It is protected by a password defined by the administrator.
The problem is that a hacker can enter a blank password and gain full access to the console tissue, according to independent technical analyzes by two research laboratories security.
Embedi researchers, who found the error, explained one white paper published on Friday that the defect exists because the default "admin" account for the web interface can be logged in without the user passwords.
Intel has so far not mentioned how many systems are affected.
However, a search on Shodan, the search engine for open ports and fundamentals data, shows that more than 8.500 devices are currently vulnerable, with 3.000 in the US alone. But there could be thousands of other compromised devices on internal networks.
In a statement, Intel said it is working with its partners to address the issue and "expects those responsible to take the updates available from the beginning of the week on May 8".
So far, the DellThe FujitsuThe HP, And the Lenovo have issued safety tips with instructions on when to fix the vulnerability. Consumer devices are not affected by the error.
Intel also published one tracking tool to determine if your systems are affected.