Dive Brief:
-
Intel on Monday revealed details about a vulnerability in firmware designed for enterprise IT management. The flaw could allow cybercriminals to take over remote management functions on processors dating as far back as first-generation Core processors, according to an advisory published by Intel. The first-generation Core was shipped in 2008, according to Computerworld.
-
The vulnerability affects enterprises using Intel Active Management Technology, a feature in Core processors that allows a company to track, manage and secure computers connected to the system, as Computerworld reports.
-
Intel said it’s not aware of any exploitation of the vulnerability to date. The company has prepared a patch and plans to release it soon.
Dive Insight:
Lately there seems to be an increase in the number of companies discovering vulnerabilities in software or hardware released years earlier, making customers that use those products increasingly nervous and potentially vulnerable. Such vulnerabilities may be easier found today as security investigation practices have become more advanced.
Intel is not the first major enterprise provider to discover a lurking vulnerability. Last week, reports surfaced that Microsoft took six months to fix a flaw known as CVE-2017-0199. Meanwhile, hackers used the flaw to launch attacks against online bank accounts in Australia and conduct other nefarious activities. In Intel’s case, with a vulnerability lasting for almost 10 years, there could be flaw exploits that are not yet discovered.
Given that a company might not hear about a vulnerability in a system it relies on until years later, prevention truly remains the best medicine. Investing in best-practice cybersecurity methods and tools and keeping timely backups of company data is mandatory given today’s growing threat environment.
