Threat: Critical Intel Chip Vulnerability from manufactures including: HP, Lenovo, Fujitsu, Dell, & Intel, allow hackers to remotely control the computer. Even if the PC is switched off!

Real World Scenarios: A hacker can remotely:

  • capture the keystrokes of your PC thereby stealing usernames and passwords.
  • corrupt the BIOS making your PC unusable until you pay a ransom
  • install undetectable malware
  • slow down internet browsing to a crawl until you pay a ransom
  • turn on your PC after hours and have it run an operating system they control, enlisting it to attack other targets

Mitigation: Here’s what you can do –

  • Use Intel’s scanning tool to determine if your equipment is affected.
  • Check with the PC Manufacturer for an update.
  • If an update isn’t available yet, take the steps outlined in the mitigation guide.

More Info:

The threat has existed since 2010. According to Intel, consumer grade equipment is not affected, but we recommend running the scanning tool just to be safe. Modern Macs, although they use Intel chips, are not affected.

Intel Announcement:
http://newsroom.intel.com/news/important-security-information-intel-manageability-firmware/

Intel Technical Security Advisory – Includes links to scanning tool, manufacturer websites and mitigation guide
http://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00075&languageid=en-fr

BMT Catch-IT! Zero-Day Windows Flaw