Major, ‘unfixable’ flaw detected in Intel processing chips

Avatar Written by Taha Abdullah ·  1 min read >

Security researchers claim to have found a massive security flaw in the present-day Intel chips.

The flaw is within the Converged Security and Management Engine (CSME) of the chip-set. The CSME controls the system boots, the power levels of the devices, the firmware, and the cryptographic functions. The flaw found can be used to break into the CSME, insert malicious code, and eventually, control all these functionalities.

A Security research firm known as Positive Technologies discovered the flaw and reported it last Thursday. This comes at a bad time for Intel as many flaws such as Meltdown and Spectre, and their successor, the ‘ZombieLoad’ were found recently, within the last three years.

The CSME is the first thing that turns on when your machine is booted up. It has its own processing unit, RAM, and ROM. Because it oversees the system’s firmware, one of the first thing it does is protect its own memory from malicious attacks and the likes. There is, however, a lag in the system and, for a brief period, the CSME is vulnerable and its data and memory remain unprotected. Hackers can launch a DMA transfer to the CSME’s memory in that time and take over the controls of the chip.

Security experts are deeming this flaw ‘unfixable’ and Intel’s integrity and reputation are being put on the line. Security researcher, Mark Ermolov has claimed that this “vulnerability jeopardizes everything Intel has done to build the root of trust and lay a solid security foundation on the company’s platforms.”

It has, however been mentioned that this flaw is extremely difficult to exploit. Hackers would, in most cases, need physical access to the device and the chip-set as well as additional specialized hardware equipment. Intel has spoken up about the flaw and have thus far told their users to keep their systems up to date with the newest software updates. They have also updated the security concerns and advisory page related to the CVE-2019-0090 on their website.