Intel CSME bug is worse than previously thought

From zdnet.com

Intel CPU

Security researchers say that a bug in one of Intel’s CPU technologies that was patched last year is actually much worse than previously thought.

“Most Intel chipsets released in the last five years contain the vulnerability in question,” said Positive Technologies in a report published today.

Attacks are impossible to detect, and a firmware patch only partially fixes the problem.

To protect devices that handle sensitive operations, researchers recommend replacing CPUs with versions that are not impacted by this bug. Only the latest Intel 10th generation chips are not vulnerable, researchers said.

Read more…