A Finnish data security firm called “F-Secure” just reported an issue with Intel’s Active Management Technology (AMT) that could allow a hacker to completely bypass the machine’s normal login procedure and take control of the target device in under a minute.
AMT is an admin-level feature that allows organizations to control and manage large numbers of PCs and workstations quickly and efficiently via remote. To take advantage of the flaw, a hacker would need physical access to the machine, which is its one saving grace. However, if they have that, they can take complete control even if a BIOS password has been set.
While other research teams have discovered AMT vulnerabilities in the past, this one deserves special attention for three reasons:
- Once in control, the hacker could gain remote access to whatever network the machine is attached to at some later point.
- It affects almost all intel laptops, and odds are that if you’re a business owner, there are a number of laptops with Intel chipsets connected to your network
- It’s an incredibly easy flaw to exploit, requiring no code whatsoever.
F-Security Research Harry Sintonen had this to say about it:
“The attack is almost deceptively simple to enact, but it has incredible destructive potential. In practice, it can give a local attacker complete control over an individual’s work laptop, despite even the most extensive security measures.”
It should be noted that this flaw is in no way related to the Spectre and Meltdown vulnerabilities that have been reported on earlier, giving Intel a trio of nasty problems to deal with right at the start of the new year.