In recent times we are aware of the existence of various security holes that have been present in the most popular products in the technology market for years. The last to join the list is Intel with a security hole in some of its processors that has been open and unpatched for at least 10 years. Luckily for the domestic market, it only affects a function used by the business and professional environment.
Intel has confirmed the existence of vulnerability in the firmware of some of its processors that allows an attacker to take control of the equipment in question remotely. What is worrying about this security problem is that it has remained dormant for 10 years and the damage it has been causing is unknown.
The vulnerability affects the Intel firmware designed for remote management by IT departments. Anyone using Intel Active Management Technology, Intel Small Business Technology or Intel Standard Manageability should update as soon as possible following advice from the chipmaker.
This security problem can be found in some current Core processors and is present in all released from the first generation that arrived in 2008 (under the name Nehalem). In relation to the firmware, we find it in all versions from 6.0 to 11.6.
Luckily (for domestic consumers), the vulnerability does not affect the consumption range of Intel processors, that is, the ones we have in our homes. The information published by the chip manufacturer indicates that it does not affect the server processors running Intel Server Platform Services.
Intel has not given too many technical details of the discovered security hole and has merely explained that it can be exploited to take remote control of the computer. An attacker could use the equipment without problems, although they affirm that they have no record of real cases.
The manufacturer has already prepared a safety patch for this serious hole and will put it into circulation “as soon as possible”. In this way, all IT departments and other professionals who manage equipment with Intel processors must update as soon as this patch is available.