Uncategorized

Intel NUC’s Vulnerable to SMM Exploit

A new Intel Security Center advisory:

Intel® Branded NUC’s Vulnerable to SMM Exploit
Intel ID:      INTEL-SA-00057
Product family:      Intel® NUC Kits
Impact of vulnerability:      Elevation of Privilege
Severity rating:      Important
Original release:      Oct 03, 2016
Last revised:      Nov 15, 2016

Intel is releasing updated BIOS firmware for a privilege escalation issue. This issue affects Intel® NUC Kits listed in the affected products section below. The issue identified is a method that enables malicious code to gain access to System Management Mode (SMM). A malicious attacker with local administrative access can leverage the vulnerable BIOS to gain access to System Management Mode (SMM) and take full control of the platform. Intel products that are listed below should apply the update. Intel highly recommends updating the BIOS of all Intel® NUC’s to the recommended BIOS or later listed in the table of affected products. Intel would like to thank Security Researcher Dmytro Oleksiuk for discovering and reporting this issue.

https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00057&languageid=en-fr

https://firmwaresecurity.com/2016/10/22/dmytro-takes-on-the-intel-nuc/

Standard

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s