[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
www/proprietary proprietary-insecurity.html
From: |
rsiddharth |
Subject: |
www/proprietary proprietary-insecurity.html |
Date: |
Sat, 24 Jun 2017 13:34:35 -0400 (EDT) |
CVSROOT: /web/www
Module name: www
Changes by: rsiddharth <rsd> 17/06/24 13:34:35
Modified files:
proprietary : proprietary-insecurity.html
Log message:
[RT#1212486] Update item on Intel's ME insecurity (INTEL-SA-00075).
CVSWeb URLs:
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/proprietary-insecurity.html?cvsroot=www&r1=1.64&r2=1.65
Patches:
Index: proprietary-insecurity.html
===================================================================
RCS file: /web/www/www/proprietary/proprietary-insecurity.html,v
retrieving revision 1.64
retrieving revision 1.65
diff -u -b -r1.64 -r1.65
--- proprietary-insecurity.html 16 Jun 2017 07:07:25 -0000 1.64
+++ proprietary-insecurity.html 24 Jun 2017 17:34:35 -0000 1.65
@@ -79,6 +79,13 @@
<a
href="https://arstechnica.com/security/2017/05/intel-patches-remote-code-execution-bug-that-lurked-in-cpus-for-10-years/">major
security
vulnerability for 10 years</a>.</p>
+ <p>The vulnerability allowed a cracker to access the computer's Intel Active
+ Management Technology
+ (AMT) <a
href="https://arstechnica.com/security/2017/05/the-hijacking-flaw-that-lurked-in-intel-chips-is-worse-than-anyone-thought/">
+ web interface with an empty password and gave administrative
+ access</a> to access the computer's keyboard, mouse, monitor
+ among other privileges.</p>
+
<p>It does not help that in newer Intel processors, it is impossible
to turn off the Intel Management Engine. Thus, even users who are
proactive about their security can do nothing to protect themselves
@@ -507,7 +514,7 @@
<p class="unprintable">Updated:
<!-- timestamp start -->
-$Date: 2017/06/16 07:07:25 $
+$Date: 2017/06/24 17:34:35 $
<!-- timestamp end -->
</p>
</div>