[talk] Intel finally recognizes ME/SPS/TXE security flaws

Isaac (.ike) Levy ike at blackskyresearch.net
Mon Nov 20 16:20:36 EST 2017


Hi All,

Years of warning, but global wailing and gnashing of teeth can commence
...........now:

Intel finally recognizes ME/SPS/TXE security flaws
https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00086&languageid=en-fr

--
Some recent interesting fun on the topic,
https://www.blackhat.com/eu-17/briefings/schedule/#how-to-hack-a-turned-off-computer-or-running-unsigned-code-in-intel-management-engine-8668
https://www.theregister.co.uk/2017/09/26/intel_management_engine_exploit/
And as the topc gains in popularity,
https://www.blackhat.com/eu-17/briefings.html#intel-me-flash-file-system-explained

And in *related* news, has anyone seen this impressive piece of fun:
"The Memory Sinkhole - Unleashing An X86 Design Flaw Allowing Universal
Privilege Escalation"
https://www.youtube.com/watch?v=lR0nh-TdpVg&t=1379s

--
Are we about done with x86 and Intel yet?

Best,
.ike



More information about the talk mailing list