Major security flaw found in Intel Chipset used by most computers

Walden Systems Geeks Corner News Major security flaw found in Intel Chipset used by most computers Rutherford NJ New Jersey NYC New York City North Bergen County
CielView-Server minimizes redundancy in computing resources while allowing users remote desktop access to virtualized user Desktops. CielView-Desktop provides customized solutions to each user in an organization

A serious flaw have been discovered in Intel chipsets dating back at least five years. The flaw is unfixable because it's hard-coded into the ROM, making it impossible for Intel to update. It may also allow hackers to bypass any downstream attempt to secure the machine, including secondary processors like Apple’s T2 security chip. The flaw Positive Technologies found is in Intel’s Converged Security and Management Engine (CSME), which is fundamental to the boot authentication process. Features like Intel’s DRM implementation, Intel Identity Protection, and Intel’s TPM all rely on the CSME.

The vulnerability in ROM enables control over reading the chipset yey and generation of all other encryption keys. One of these keys is for the Integrity Control Value Blob. With this key, hackers can forge the code of any Intel CSME firmware module in a way that authenticity checks cannot detect. This is functionally equivalent to a breach of the private key for the Intel CSME firmware digital signature.


Firmware updates by Intel a year ago was intended as a partial solution to this problem. A year ago, Intel patched CVE-2019-090, an exploit that allowed an attack against the CSME through the Integrated Sensors Hub. Intel is arguing that a hacker requires physical access to the machine in order to carry out this threat. The chipset key extraction hasn't been carried out yet, but this is an attack against the core of the CPU that can't be fixed or patched.