Positive Technologies experts discovered a new vulnerability in the latest Intel processors, which is “difficult to use, but absolutely impossible to fix.” This was reported on March 8 by the portal Engadget.
The vulnerability is located in the Intel Converged Security and Management Engine (CSME) unit of the processor, which controls system load, power, firmware, and, most importantly, cryptographic functions. Researchers said the vulnerability could allow hackers to inject malicious code into the system and gain control of the PC.
They write that if attackers have local or physical access to the computer, they can turn off block memory protection, overwrite it, and intercept code execution. Positive Technologies representatives noted that since it is impossible to fix the vulnerability in permanent memory, carrying out such a procedure will be for the hackers only a “matter of time”, after which “complete chaos will reign”.
“Hardware identifiers will be tampered with, digital content will be extracted, and data from encrypted hard drives will be decrypted,” the experts wrote in their report.
In January 2018, experts also discovered a memory flaw in Intel processors. Subsequently, the company said that a similar problem is characteristic not only of its devices, but rather is associated with the shortcomings of the existing approach to the creation and methods of software analysis.