Intel AMT Releases Security Update For Some Processors
Recently, Intel released a very important update designed to address nine separate security flaws in their chipsets as part of their September 2020 Platform Update.
Of the flaws addressed by this fix, one of them is a critical issue revolving around the company's Active Management Technology (AMT) and Intel Standard Manageability platforms.
That's important because the AMT is used in a wide range of Intel Processors and correcting that flaw in particular helps keep a vast number of machines safe.
This vulnerability, tracked as CVE-2020-8758 has a severity score of 9.8 and is especially dangerous because it allows remote escalation of privileges when successfully executed. At the root, the vulnerability exists due to improper buffer restrictions in the network subsystem.
Jerry Bryant, Intel's Director of Communications, had this to say about the issue:
"For customers using Intel vPro systems that do not have AMT provisioned, an authenticated user with local access to the system may still be able to escalate privileges. If the platform is configured to use Client Initiated Remote Access (CIRA) and environment detection is set to indicate that the platform is always outside the corporate network, the system is in CIRA-only mode and not exposed to the network vector."
The central question then, is are you vulnerable and do you need the update? The simple answer is that you're vulnerable if you have any of the following AMT and ISM versions (or older):
If there's a silver lining to be found, it lies in the fact that there's currently no evidence that this flaw is being actively exploited by hackers.
Naturally, given time, that will change, so the clock is ticking to get your systems updated.
A full list of the flaws addressed by the latest update is available on Intel's website, but if it's been a while since you've applied one, this one is well worth making a priority.