The hijacking flaw that lurked in Intel chips is worse than anyone thought
by admin
A remote hijacking flaw that lurked in Intel chips for seven years was more severe than many people imagined, because it allowed hackers to remotely gain administrative control over huge fleets of computers without entering a password.
AMT, which is available with many vPro processors, was set up to require a password before it could be remotely accessed over a Web browser interface. But, remarkably, that authentication mechanism can be bypassed by entering no text at all. According to a blog post published Friday by Tenable Network Security, the cryptographic hash that the interface’s digest access authentication requires to verify someone is authorized to log in can be anything at all, including no string at all.
Recommended Posts
New Attack exploiting serious Bluetooth weakness
August 20, 2019
Critical flaw in VLC Media Player Found
July 21, 2019
