“Unfixable” Intel Hardware Security Vulnerability Could Allow Hackers To Bypass Data Encryption

Researchers at the security firm Positive Technologies discovered a critical and unfixable flaw in Intel’s hardware and its ROM of CSME (Converged Security and Management Engine) framework – leaving millions of computers worldwide vulnerable to attackers. [CVE-2019-0090]

To hack into the systems, attackers would require skills and in most cases physical access, but in some cases, they could create special malware such as keyloggers that will allow them to bypass OS-level protections to perform local access attacks.

On Thursday, Intel has released patches to make it harder for attackers to exploit this vulnerability but the security researchers at Positive Technology said, this wouldn’t be enough for attackers to stop hacking into systems and access encrypted data.

Because the vulnerability is at the hardware level, all the systems that are running on Intel are affected excluding those running on Intel’s latest 10th processors.

Positive Technologies (Source)