ME! ME! ME! – Intel's management tech gets a quartet of security fixes

Check your computer makers for patches

In case you missed it, Chipzilla has gone public with more security updates for the Intel Management Engine.

The advisories, here and here, address four exploitable bugs.

Positive Technologies, which discussed the bugs in detail here, identified CVE-2018-3628, a “Buffer overflow in HTTP handler” as the most serious.

That's because an attacker on the same network subnet as the target machine can execute arbitrary code execution in the Active Management Technology (AMT) environment, running on top of the Management Engine, without needing administrator access to the AMT account. That would give the miscreant full remote control over the computer.

CVE-2018-3629 is another buffer overrun, this time in the AMT's event handler; while CVE-2018-3632, a memory corruption bug, is only exploitable by a local attacker with admin privilege.

CVE-2018-3627 also needs privileged access: it's a logic bug in the Intel Converged Security Management Engine 11.x that's exploitable to run arbitrary malicious code.

Advisory SA-00112 affects the processor versions below:

Associated CPU Generation Resolved Firmware versions or higher
4th Generation Intel Core Processor Family CSME 9.1.43, CSME 9.5.63
5th Generation Intel Core Processor Family CSME 10.0.57
6th Generation Intel Core Processor Family CSME 11.8.50
7th Generation Intel Core Processor Family CSME 11.8.50
8th Generation Intel Core Processor Family CSME 11.8.50
Intel Xeon Processor E3-1200 v5 & v6 Product Family CSME 11.8.50
Intel Xeon Processor Scalable Family CSME 11.21.51
Intel Xeon Processor W Family CSME 11.11.50

The Intel Core 2 Duo vPro, Intel Centrino 2 vPro, 1st Generation Intel Core, 2nd Generation Intel Core, and 3rd Generation Intel Core won't get patches because they are now so old that Chipzilla no longer supports them.

SA-00118 impacts fewer variants, hitting Intel CSME 11.x in 6th, 7th and 8th Generation Intel Core Processor Family, Xeon Processor E3-1200 v5 and v6 Product Family (Greenlow), and Intel Xeon Processor W Family (Basin Falls).

Now that Intel's advisory is public, it's clear that Chipzilla has known the particulars for some time, and has been privately working with computer manufacturers to push fixes ahead of disclosure. For example, Lenovo emitted firmware fixes in April, and Dell no later than June. ®




Biting the hand that feeds IT © 1998–2018