System administrators managing Intel Core and Intel Xeon processors in their infrastructure have some work to do. Hardware-borne firmware, the cyber weapon of choice for modern hackers, sneaks into systems where AV tools and firewall scans can’t see.
Security experts found a nasty batch loitering in Intel desktop CPUs and Xeon server processors this week (Nov. 21). Thousands of workstations, servers, and IoT smart devices are threatened.
Intel has identified the impacted CPU firmware, so hopefully the holiday goes undisturbed for IT crews. See below for Intel processors that build-in the firmware in question.
Impacted firmware
- Intel ME Firmware versions 11.0.0 thru 11.7.0 (surprise, surprise)
- SPS Firmware v. 4.0
- TXE v. 3.0
Intel processors potentially compromised
- All Intel Core CPUs—generations 6, 7 & 8
- Intel Xeon server processors designated as E3-1200 v5 and v6
- Intel Xeon W series
- E3900: Atom and Pentium
- Intel Celeron Series N & J
How to check your Intel hardware for compromised firmware
Windows and Linux users may download INTEL-SA-00086, a detection tool for finding known CPU exploits. Call Intel directly with questions about using the tool, or any silicon-chip related topics pertaining to firmware infections. OEM computer manufacturers are offering additional support for finished PCs.
- Acer: Support Information
- Dell PC: Support Information
- Dell Server: Support Information
- Fujitsu: Support Information
- HPE Servers: Support Information
- Intel Mini-Computers (NUC, Compute Stick & Card): Support Information
- Lenovo Support Information
- Panasonic: Support Information
What About Apple users?
Intel isn’t listing a course of action yet. Usually MacBooks have one fix scenario: head to the Genius Bar and bring your wallet. Dollars to donuts your “logic board needs replacing,” a $600 invoice to unscrew/screw a $100 part into your fashion PC.
What type of threats does this firmware bug pose?
Each varies, but the common thread involves giving unauthorized access to execute arbitrary code within your PC or server system. Depending on the prowess of the hacker, consequences range from data theft or ransoming entire RAID arrays of confidential data. Intel goes into more depth about the potential havoc you’re potentially facing when Intel Core and Intel Xeon Processors are compromised.
