Unfixable Flaw In Intel Chipsets Opens Encrypted Data To Hackers

Unfixable Flaw In Intel Chipsets Opens Encrypted Data To Hackers

If your computer uses an Intel chipset made in the last five years, it could be leaving you vulnerable to hackers thanks to a critical flaw in its read-only memory (ROM). The fix? There isn’t one, really. Not unless you’re willing to shell out for an entirely brand new computer.

Security researchers with Positive Technologies sounded the alarm about the vulnerability in a blog post Thursday, describing it as a doomsday-level threat in no uncertain terms.

“The scenario that Intel system architects, engineers, and security specialists perhaps feared most is now a reality . . . This vulnerability jeopardizes everything Intel has done to build the root of trust and lay a solid security foundation on the company’s platforms,” wrote Mark Ermolov, lead specialist of OS and hardware security.

The break down gets into the weeds a bit, but essentially this flaw allows bad actors to hack your computer’s encryption process, which opens the door to all kinds of industrial espionage and sensitive information leaks. If that weren’t bad enough, the process is completely undetectable since it works at the hardware level, which allows any malicious code to fly under the radar of most traditional security measures. Worse still, virtually Intel chipsets from the last five years carry this vulnerability, Positive Technologies reported.

According to Ermolov, there are multiple ways attackers can get their hands on the chipset’s key, an essential component for unscrambling encrypted messages, through abusing this critical flaw. That’s not to say that any of them are particularly easy feats—remote hacking, in particular, would take a sophisticated hacker armed with significant experience and specialised gear—but the potential for exploitation remains a serious threat.

“For example, they can extract it from a lost or stolen laptop in order to decrypt confidential data. Unscrupulous suppliers, contractors, or even employees with physical access to the computer can get hold of the key. In some cases, attackers can intercept the key remotely provided they have gained local access to a target PC as part of a multistage attack, or if the manufacturer allows remote firmware updates of internal devices, such as Intel Integrated Sensor Hub.”

Intel quickly issued a patch Thursday that makes it harder to exploit this bug and lessens any potential fallout, but it’s impossible to fully eliminate since the issue lies in the chipset’s ROM, which can’t be tinkered with via firmware updates (hence the “read-only” bit).

Short of upgrading your computer to a newer model with a 10th-generation or higher Intel CPU, Positive Technologies recommends disabling the Intel encryption of data storage devices and analyse entire systems to see if they’ve been compromised. Intel’s website also has detailed instructions about its recommendations, including how to get in touch with your device or motherboard manufacturer for updates to address the vulnerability.

[Positive Technologies]