Just over a year ago, a series of security breaches was unveiled in Intel’s processors, leaving tens of millions of computers worldwide vulnerable to attacks. In the race to fix the glitch, updates were released that often slowed down system performance – and are still uncertain that they actually helped . Now, the exposure of information security company Positive Technologies raises concerns for even more serious malfunction.
Company investigators have identified an existing security breach in the software mechanism embedded in Intel processors that have been marketed over the past five years (though not the tenth and current generation), allowing the intruder to take control of the mechanisms used to protect keys. Theoretically, this vulnerability could allow an attacker to access all the information stored on the computer, and it could even install malware to collect information that would run at the hardware level, without the operating system and security software installed there.
What’s more, just like the previous breach, this time, too, is a breach in a hardware system that cannot be updated or changed. Assuming Intel does not intend to replace any processor of its products sold in the past five years, the only solution will probably be software patches through the tablet manufacturers (BIOS) that reduce the attack options, or attempts to detect and alert them.
Intel itself does not deny this, but emphasizes that according to the information in its possession, only direct access to computer hardware is possible – that is, while the attacker is physically near it. Therefore, the company estimates that this is a relatively low risk. Positive Technologies researchers are not convinced, and promise to provide more details in an article to be published soon