Unfixable flaw in nearly all Intel chips released in the last five years could allow cyber criminals to hijack computers and wreak ‘utter chaos’
- The flaw causes a security feature protecting computer memory to load too late
- This creates a short window in which expert hackers can run malicious code
- The issue stems from uneditable code programmed into the chip at manufacture
- Intel has released patches that should make the weakness harder to exploit
An unfixable flaw present in nearly all Intel chips released in the last five years could allow cyber criminals to hijack computers and wreak ‘utter chaos’, an expert warns.
The vulnerability arises because a security feature designed to protect malicious edits to the computer’s random-access memory does not launch quickly enough.
This creates a brief window of time in which hackers can run malicious code on start-up, with full system privileges, and bypass other security features.
Although Intel has released patches to make the weakness harder to exploit, the nature of the flaw means that it will likely not be possible to provide full protection.
Scroll down for video
An unfixable flaw present in nearly all Intel chips released in the last five years could allow cyber criminals to hijack computers and wreak ‘utter chaos’, an expert warns
The reason that the security flaw cannot be corrected is that its origin lies in so-called mask ROM — editable, ‘read-only’ memory that is programmed by Intel at the time of each chip’s manufacturing.
It is this memory that boots the security and management firmware that protects various aspects of the computer (and, unlike the read-only memory, is able to be patched with security updates.)
Hackers who succeed in exploiting the flaw can use it to bypass on-chip encryption processes, digital rights management protections and even modify the chip’s firmware to facilitate a variety of malicious actions.
‘Intel was notified of a vulnerability potentially affecting the Intel Converged Security Management Engine,’ a company spokesperson said in a statement.
The flaw, they added, may allow an unauthorised user with specialised hardware and physical access […] to execute arbitrary code within the Intel CSME subsystem on certain Intel products.’
‘Intel released mitigations and recommends keeping systems up-to-date.’
According to Intel, updated machines should be protected unless they are in the physical possession of the computer itself.
The firm has released additional guidance on the security vulnerability, which can be viewed on the Intel website.
Although Intel has released patches to make the weakness harder to exploit, the nature of the flaw means that it will likely not be possible to provide full protection
‘This vulnerability jeopardises everything Intel has done to build the root of trust and lay a solid security foundation on the company’s platforms,’ security expert Mark Ermolov of Positive Technologies wrote in a blog post.
‘The problem is not only that it is impossible to fix firmware errors that are hard-coded in the mask ROM of microprocessors and chipsets,’ he added.
‘The larger worry is that — because this vulnerability allows a compromise at the hardware level — it destroys the chain of trust for the platform as a whole.’
However, Mr Ermolov did note that any hacker taking advantage of the security flaw would need very specialised equipment and considerable experience.
‘Still, the flaw poses a serious threat on unpatched systems and may still be exploitable even on computers that have received updates that computer makers released last year to make exploitation harder,’ he warned.
‘While a potential exploit for this issue appears to be fairly complicated […] the impact is very broad, and the issue cannot be patched via firmware update because it’s in the mask ROM,’ added firmware security firm Eclypsium’s CEO Yuriy Bulygin.