By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers. The attacker does need to have physical access to the laptop but there are several scenarios where this could prove to be a trivial issue.
Rather, it was an issue within Intel Active Management Technology (AMT), "which is commonly found in most corporate laptops, (and) allows an attacker to take complete control over a user's device in a matter of seconds", the cybersecurity firm said.
For more details, see F-Secure's FAQ on the flaw.
The security issue "is nearly deceptively simple to exploit, but it has incredible destructive potential", said Harry Sintonen, the senior security consultant at F-Secure who came across the flaw. "In practice, it can give a local attacker complete control over an individual's work laptop, despite even the most extensive security measures".
Intel AMT is created to enable remote access monitoring and maintenance of corporate-grade personal computers, and is typically used by IT departments or managed service providers to manage devices.
The setup is simple: an attacker starts by rebooting the target's machine, after which they enter the boot menu.More news: Chicago Bridge & Iron (NYSE:CBI) Receives Media Impact Score of 0.08
Intels Management Engine BIOS Extension, or MEBx, contains the standard log-in combination "admin", "admin" and because many users simply do not change it, according to F-Secure this opens the door to an easy to set-up attack.
From there, the attacker can edit the default password and enable remote access for themselves.
But once they had re-configured AMT, they could effectively "backdoor" the machine and then access the device remotely, by connecting to the same wireless or wired network as the user, F-Secure said. Access to the device may also be possible from outside the local network via an attacker-operated CIRA (client-initiated remote access) server.
"If you leave your laptop in your hotel room while you go out for a drink, an attacker can break into your room and configure your laptop in less than a minute, and now he or she can access your desktop when you use your laptop in the hotel", he said.
Sintonen and his colleagues at F-Secure have come across the issue repeatedly since early summer a year ago.
F-Secure said Friday it had found a serious flaw in Intel hardware which could enable hackers to access corporate laptops remotely.More news: Oprah Winfrey is More Popular Among American Voters than Donald Trump
However, F-Secure believes that the "pure simplicity of exploiting this particular issue sets it apart from previous instances".
"The issue potentially affects millions of laptops globally".
F-Secure said in a statement that the flaw had nothing to do with the "Spectre" and "Meltdown" vulnerabilities recently found in the micro-chips that are used in nearly all computers, tablets and smartphones today.
F-Secure's research indicates that some system manufacturers were not requiring a BIOS password to access MEBx.
But Intel says the default password problem should be addressed by the equipment manufacturers who use its chips, noting that it has long recommended that OEMs set their systems so that the BIOS password is needed before AMT can be provisioned.
Go through all now deployed devices and configure the AMT password or disable the functionality altogether. If the password is already set to an unknown value, consider the device suspect.More news: Hexavest Inc. Sells 5880 Shares of Alibaba Group Holding Ltd (BABA)