The serious gap can be found in the so-called converged security and management engine, the part of the hardware that is responsible for securing the hardware on the firmware that runs on systems with an Intel drive. Intel’s management engine is responsible for the initial authentication of Intel-based systems by loading and checking all other firmwares for modern platforms.
Intel’s CSME Also Forms The Cryptographic Basis For Hardware
Security technologies that are developed by Intel and used everywhere: This applies among other things to Intel’s own identity protection.
Reports of security vulnerabilities in virtually all current processors and chipsets have now come to light in quick succession. This affects both Intel and AMD.
According to security researchers, AMD is a gap in the processors, about which the manufacturer was informed in summer. Specifically, all current AMD processors are said to have been affected.
The error itself was revealed by the reverse engineering of the prediction mechanism of the L1 cache of the corresponding processors, whereby the researchers claim that attacks via JavaScript were successful. The attacks are said to expose some meta-data, but are not too critical.
Intel has told security experts that the vulnerability is already known and efforts are being made to close all possible attack vectors. According to the experts, this will be a very large task due to the depth of the problem: Intel believes that there are many ways to exploit this vulnerability in ROM. However, many of the attack scenarios require direct access to the systems. Intel currently tells that special hardware is required to use it. The actual impact of the security vulnerability is currently difficult to assess as usual, but experience has shown that panic is also not appropriate, especially for private users.
