Intel AMT Backdoor Keys Updated After Initial Trigger Discovered By Wrong Attackers

Posted on by

The AMT backdoor, an enduring vulnerability in Intel's CPU platforms introduced with the Nehalem series a decade ago is currently being revised, as the criminal organisation known as "the united states government" has discovered that unaligned criminal groups have acquired the means to exploit its current form.

The situation is reminiscent of the USB "bug" in Microsoft Windows on which Stuxnet depended to propagate, where successive generations of patches merely modulated the sequence of events necessary to trigger the exploit without actually closing the underlying hole.

The AMT backdoor is triggered by sending a magic packet to the Intel "Management Engine". There is no way to meaningfully deactivate the hole in any infested machines, which is to say anything containing an Intel processor. Whitelist-only networking may help contain the vulnerability, provided of course that it's not implemented on Cisco equipment.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>