Vulnerability in Intel’s AMT could leave you open to attack

There should be prizes for this. Let’s call them The Oopsies. The most bafflingly easy servers to hijack, turn out to be those running Intel’s Active Management Technology (AMT).

People warned me about this, and I pooh-pooh’d it. Please hand me a scraper so that I can wipe the egg off my face. The servers are so wickedly simple to jack that a third-grader can log into them and merrily do essentially root damage.

+ Also on Network World: The insecurities list: 10 ways to improve cybersecurity +

That the largest server CPU provider on earth doesn’t fall all over itself in sincere apologies (United Airlines gone wrong?) doesn’t surprise me. No one falls on their sword anymore. No one takes product managers out behind the cafeteria and strips the access key fob from the management toy room. It’s all just jolly. Oops. Sorry, folks

Intel, the purveyor of most of the servers that AMD and Oracle don’t sell on the planet, which was already most of them, screwed up—to put it politely. Last week, Intel issued a security advisory saying its AMT, Standard Manageability (ISM) and Small Business Technology (SBT) firmware versions 6 to 11.6 have a vulnerability that allows “an unprivileged attacker to gain control of the manageability features provided by these products.”

Leave a Reply

Your email address will not be published. Required fields are marked *