Intel processors have a flaw that can kill encryption in your Windows PCs and MacBooks
Security researchers from Positive Technologies have found a new flaw in the latest Intel processors launches in the past five years. These Intel processors are likely to be powering your Windows and Apple MacBook laptops. The flaw is said to fail the hardware-based encryption and DRM protections and can go unnoticed by traditional anti-virus software. Also mentioned on the website's blog post is that Intel's latest 10th-gen processors are not vulnerable to this flaw.
"This vulnerability jeopardizes everything Intel has done to build the root of trust and lay a solid security foundation on the company's platforms," said Mark Ermolov from Positive Technologies.
The flaw is said to emerge from Intel's Converged Security Management Engine (CSME), which takes care of securing all firmware that run on Intel-based devices. Although Intel is said to have patched the vulnerability, the security researchers say that there still are some loopholes that make the processors vulnerable.
But the researchers have said that it would require a skilled hacker to exploit the flaw. In most cases, they would also require physical access to the Intel-based device. However, if carried, this is said to decrypt hard disk, forged hardware IDs and as mentioned above, kill DRM protections.
"Intel understands they cannot fix the vulnerability in the ROM of existing hardware. So they are trying to block all possible exploitation vectors," adds Ermolov in the post. "We think there might be many ways to exploit this vulnerability in ROM. Some of them might require local access; others need physical access."
This does remind us of the Intel's Meltdown and Spectre vulnerabilities found on its processors back in 2018, the discovery of which led to more flaws. Intel has managed to patch most of them over time but this new flaw once again puts the company in the limelight, not in a good way.