Intel AMT releases a critical security update designed to address nine separate security flaws in their chipsets as part of their September 2020 Platform Update.
One of the Security flaws addressed by this fix is a critical issue revolving around the company’s Active Management Technology (AMT) and Intel Standard Manageability platforms.
That’s important because AMT uses a wide range of Intel Processors, and correcting that flaw, in particular, helps keep a vast number of machines safe.
This vulnerability tracked as CVE-2020-8758 has a severity score of 9.8 and is especially dangerous because it allows remote escalation of privileges when successfully executed. At the root, the vulnerability exists due to improper buffer restrictions in the network subsystem.
Jerry Bryant, Intel’s Director of Communications, said, “For customers using Intel vPro systems that do not have AMT provisioned, an authenticated user with local access to the system may still be able to escalate privileges. If the platform is configured to use Client Initiated Remote Access (CIRA) and environment detection is set to indicate that the platform is always outside the corporate network, the system is in CIRA-only mode and not exposed to the network vector.”
Do You Need to Update?
The central question then is, are you vulnerable, and do you need the update? The simple answer is that you’re vulnerable if you have any of the following Intel AMT and ISM versions (or older):
If there’s a silver lining, it lies in the fact that there’s currently no evidence that hackers are actively exploiting this flaw.
Naturally, given time, that will change, so the clock is ticking to update your systems.
A full list of the security flaws addressed by the latest Intel AMT update is available on Intel’s website, but if it’s been a while since you’ve applied one, this one is well worth making a priority.