Flaws in Intel chips could render many of the security features built into the chipmaker's processors useless, according to foreign media reports. Apple's latest Macs are safe, though.
Vulnerabilities inherent in Intel chips have been a recurring theme in the industry for the past few years. Critical flaws such as Meltdown, Spectre, and ZombieLoad affect nearly all Intel chips and the devices in which they are installed.
In 2019, security researchers at Positive Technologies, the world's leading security firm, discovered another issue with Intel chips. Specifically, it is a vulnerability in Intel's Converged Security and Management Engine (CSME), which runs on Intel hardware and is an important component of Intel's technology and firmware.
In addition to loading and modifying BIOS and power-management firmware, Intel's CSME also provides the "cryptographic foundation" for functions such as Digital Rights Management (DRM) technology, firmware-based Trusted Platform Modules (TPMs), and Intel's own Enhanced Privacy ID (EPID).
In 2019, Intel released a patch in an attempt to address this issue. But researchers at Positive Technologies found that the flaw was much worse than initially expected. New research published Thursday shows that the vulnerability could be exploited to recover the root key, potentially allowing an attacker to access all data on a device.
This would be a significant problem for DRM protection. If the flaw is exploited by an unscrupulous hacker, it can be used to decrypt port traffic from the affected device. Even more serious, hackers could exploit the flaw to take control of Intel's servers.
While flaws in Intel's chips have affected Apple devices in the past, this flaw does not affect Apple's recent Macs with T1 or T2 chips. Since these chips are Apple's own design, users' encryption keys are safe.
Of course, older Macs without T-series chips, or the current iMac line (excluding the iMac Pro), may be vulnerable to exploitation and may have security holes that affect FileVault encryption. The bug has not been patched, and Intel advises users to stay on the safe side and not click on unsolicited ads or links. Users who handle their devices with such vigilance leave malicious attackers no way to attack them.
Intel chips from the past five years have contained unfixable vulnerabilities. For example, the vulnerability CVE-2019-0090 is located in the masked read-only memory (mask ROM) of the CSME subsystem of Intel CPUs and chipsets and cannot be fixed by a firmware update.
Intel says it is trying to block every possible exploit vector, but security researchers point out that the chip giant's current patch blocks only one of them.
Intel does point out that the company's tenth-generation chips are safe. This flaw, along with other similar security flaws in the company's chips, could be one of many potential reasons why devices like Apple's Mac will soon feature ARM-based processors.