Intel controls approximately 90% of the desktop CPU market, the other vendor being AMD. If you have any device with an Intel CPU, then you need to read this article carefully. Recently, a critical bug has been found in the Intel Management Engine, and it has affected millions of CPUs all over the world. The Intel Management Engine Vulnerability is so severe that it allows remote access to the infected PC even when the computer is not running but is connected to the electrical socket. Let’s first discuss what the Intel Management Engine actually is and then move on to how the Intel Management Engine Vulnerability affects you and how you can solve this issue.
What is Intel Management Engine?
Intel Management Engine, or IME, is basically an operating system inside your PC. It sounds shocking, but it’s true – other than the installed operating system, be it Windows or Linux, there is another OS running under that layer which is the Intel management engine. It is a full-fledged OS with full network access.
IME was introduced in 2008, however, Intel never publicly spoke about it, and in fact, there is no official documentation on how it works. However, since this OS is the first software layer after the hardware, somehow gaining access to this OS means your entire system can be compromised despite your main OS providing as much security as possible.
Intel Management Engine Vulnerability and its Effects
Several vulnerabilities have been discovered in the Intel Management Engine, but the most severe one has been found by Mark Ermolov and Maxim Goryachy of Positive Technologies Research. Hackers could remotely launch commands even when the system is turned off, as long as there is current flowing to the hardware (laptop with batteries or desktop connected to the socket) and gain access to the system, meaning they could retrieve all data stored in the system, modify data or even install viruses.
Intel has done a security audit, in response to the list of bugs that were released and has found out four main vulnerabilities in the management engine. Affected systems include not only CPUs for Desktops, but also laptops from brands like HP, Dell, Lenovo, and Alienware.
How to solve Intel Management Engine Vulnerability
First, you need to check if your processor is affected by the bug. Intel has released a tool for both Windows and Linux users. You can download the tool and it should inform you if your CPU is affected. If you find that your CPU is affected by the bug, then currently you can’t do anything except wait patiently. HP, Dell, Lenovo and several other vendors are already working on a fix. They will be releasing the update as soon as possible, so keep a check on your vendor’s website or the vendor’s software center for any updates in the near future.
Hopefully, you have realized how vulnerable your systems are; you might not have the faintest idea when they have been compromised. Hence, it is extremely important to keep your system up to date and install software updates regularly to fix Intel Management Engine Vulnerability issues in the near future.