09 February 22, 07:30
Quote:Continue Reading
More potential attacker vectors that bypass OS security measures
Intel has released a security bulletin with 16 newly-discovered BIOS-related vulnerabilities that allow attackers to use Denial of Service and Escalation of Privilege attacks on a local machine, at the same time bypassing the operating system and its associated security measures. According to Intel, these issues impact its 6th to 11th-Gen Core processors along with its Xeon lineup, including the W, E and D models.
Ten of the vulnerabilities have a 'high' severity rating, meaning they allow unfettered access to the machine, while three are ranked as 'medium' and one is ranked as 'low.'
These new vulnerabilities aren't included in the recent list of Intel/AMD vulnerabilities, nor are they related to the recently-announced BIOS vulnerabilites that impact HP, Dell, Lenovo, and other vendors. Nonetheless, these 16 new vulnerabilities are similar to some because they are BIOS-related. All 16 allow attackers to hijack the BIOS of a computer in order to gain access to the local machine, thereby accessing sensitive data.
Thankfully, Intel notes that all these issues can only be exploited if the attacker has physical access to the machine, so they can't be exploited remotely. For businesses that have secure locations, these vulnerabilities shouldn't be as big of a concern as for personal laptops where malicious actors can easily gain access to the machine.
The issues specifically rely on an assortment of bugs found in Intel's BIOS firmware, including insufficient control flow management, buffer overflow, pointer issues, improper validation, and more. All of these allow attackers to escalate privileges when needed. Others include improper access control and incorrect default permissions that can allow attackers to use denial of service attacks against the local machine.
Most of these BIOS-related vulnerabilities are very impactful as they can effectively bypass nearly all security measures on a local PC. Most security measures run as part of the operating system, or on top of the OS, which only loads after the BIOS runs its initial POST (Power-On Self-Test). This means all regular security countermeasures are unable to protect the system BIOS.
Intel says it is releasing firmware updates to mitigate the vulnerabilities, but it has yet to release a formal roadmap. However, the company says the recommended course of action is to "update to the latest versions provided by the system manufacturer that addresses these issues." It isn't clear that those updates are available yet, though. Below you'll find the list of impacted platforms.
Affected Products:...
- 2nd Generation Intel Xeon Scalable Processor Family
- Intel Xeon Scalable Processor Family
- Intel Xeon Processor W Family
- Intel Xeon Processor E Family
- Intel Xeon Processor D Family
- 11th Generation Intel Core Processor Family
- 10th Generation Intel Core Processor Family
- 9th Generation Intel Core Processor Family
- 8th Generation Intel Core Processor Family
- 7th Generation Intel Core Processor Family
- 6th Generation Intel Core processor Family
- Intel Core X-series Processor Family
- Intel Atom Processor C3XXX Family.