Insecure defaults in Intel AMT allow an intruder to completely bypass user and BIOS passwords and TPM and Bitlocker PINs to backdoor almost any corporate laptop in a matter of seconds
F-Secure reports a security issue affecting most corporate laptops that allows an attacker with physical access to backdoor a device in less than 30 seconds. The issue allows the attacker to bypass the need to enter credentials, including BIOS and Bitlocker passwords and TPM pins, and to gain remote access for later exploitation. It exists within Intel’s Active Management Technology (AMT) and potentially affects millions of laptops globally.
The security issue “is almost deceptively simple to exploit, but it has incredible destructive potential. In practice, it can give an attacker complete control over an individual’s work laptop, despite even the most extensive security measures.” said Harry Sintonen, who investigated the issue in his role as Senior Security Consultant at F-Secure.
Intel AMT is a solution for remote access monitoring and maintenance of corporate-grade personal computers, created to allow IT departments or managed service providers to better control their device fleets. The technology, which is commonly found in corporate laptops, has been called out for security weaknesses in the past, but the pure simplicity of exploiting this particular issue sets it apart from previous instances. The weakness can be exploited in mere seconds without a single line of code.
Read the entire release here: INTEL AMT SECURITY ISSUE LETS ATTACKERS BYPASS LOGIN CREDENTIALS IN CORPORATE LAPTOPS
More Intel AMT News
@intel …another bad day; Insecure defaults in #IntelAMT allow an intruder to completely bypass user and BIOS passwords and TPM and Bitlocker PINs to break into almost any corporate laptop in 30 seconds https://t.co/6OcASMknNz
— PeterJopling (@PeterJopling) January 15, 2018
— Mark (@_therealmark_) January 13, 2018
— Denys Flores (@denys_flores) May 10, 2017