Intel Patches 'Critical' Elevation Privilege Bug in High-End Chips

Intel issued a fix yesterday for a long-standing escalation privilege vulnerability in the firmware of its high-end Active Management Technology as well as its Intel Standard Manageability and Intel Small Business Technology products.

The bug could allow remote attackers to gain control of the network or local system privileges on certain firmware versions of Intel Active Management Technology (AMT), Intel Standard Manageability, and Intel Small Business Technology. The flaw does not exist on Intel-based consumer computers, however, the company says.

"This is a major surprise and a huge risk for those organizations who have AMT systems and using it to remotely manage their systems and applications. AMT allows many organizations to remotely manage hardware and systems including the ability to remote control those systems," said Joseph Carson, Thycotic chief security scientist.

The vulnerability could allow an attacker to remotely control, wipe a device, or disable security features on the systems, he said.

Intel is advising affected companies to check their system with the original equipment manufacturer to see if an updated firmware has been issued. If not, then it is asking users to download its patch.

Read more about the Intel vulnerability here and here..