New and unfixable Intel chip flaw discovered putting PCs at risk of attack
Intel has been having a hard time of it lately on multiple fronts and just when it thought it had fixed CPU level vulnerabilities with firmware patches for malware attacks from Meltdown, Spectre and Zombieload, researchers from Positive Technologies have discovered a new hardware level vulnerability. This time, however, the researchers say that it is so deep, that not even a firmware patch will be able to alleviate it in full. The new vulnerability affects most Intel silicon fabricated in the past five years and, according to researchers, “destroys the chain of trust for the platform as a whole”.
The vulnerability exists in the ROM of Intel’s Converged Security and Management Engine (CSME). As there is error in the earliest stages of the subsystem’s operation and in its boot ROM, it compromises entire trust platform. This is because the CSME is “the cryptographic basis for hardware security technologies developed by Intel and used everywhere, such as DRM, fTPM and Intel Identity Protection”. Regardless of any measures that Intel might deploy on a software level, the vulnerability leaves open a hole that authenticity checks will be unable to detect.
On the plus side, most potential attacks would need to be made on a system in person with a platform device capable of performing DMA to Intel CSME static memory resetting it. This would allow the hacker to modify system tables for Intel CSME pages and thus taking over control of the execution flow. Intel’s promised hardware level fixes haven’t come in time for its 9th generation silicon but have been implemented in its 10th generation chips. Although unlikely to affect in a widespread attack, it is yet another embarrassing misstep for Team Blue.