www/proprietary proprietary-insecurity.html

[rsiddharth]

CVSROOT:        /web/www
Module name:    www
Changes by:     rsiddharth <rsd>        17/06/24 13:34:35

Modified files:
        proprietary    : proprietary-insecurity.html 

Log message:
        [RT#1212486] Update item on Intel's ME insecurity (INTEL-SA-00075).

CVSWeb URLs:
http://web.cvs.savannah.gnu.org/viewcvs/www/proprietary/proprietary-insecurity.html?cvsroot=www&r1=1.64&r2=1.65

Patches:
Index: proprietary-insecurity.html
===================================================================
RCS file: /web/www/www/proprietary/proprietary-insecurity.html,v
retrieving revision 1.64
retrieving revision 1.65
diff -u -b -r1.64 -r1.65
--- proprietary-insecurity.html 16 Jun 2017 07:07:25 -0000      1.64
+++ proprietary-insecurity.html 24 Jun 2017 17:34:35 -0000      1.65
@@ -79,6 +79,13 @@
        <a 
href="https://arstechnica.com/security/2017/05/intel-patches-remote-code-execution-bug-that-lurked-in-cpus-for-10-years/";>major
 security
        vulnerability for 10 years</a>.</p>
 
+  <p>The vulnerability allowed a cracker to access the computer's Intel Active
+      Management Technology
+      (AMT) <a 
href="https://arstechnica.com/security/2017/05/the-hijacking-flaw-that-lurked-in-intel-chips-is-worse-than-anyone-thought/";>
+      web interface with an empty password and gave administrative
+      access</a> to access the computer's keyboard, mouse, monitor
+      among other privileges.</p>
+
        <p>It does not help that in newer Intel processors, it is impossible
        to turn off the Intel Management Engine. Thus, even users who are 
        proactive about their security can do nothing to protect themselves 
@@ -507,7 +514,7 @@
 
 <p class="unprintable">Updated:
 <!-- timestamp start -->
-$Date: 2017/06/16 07:07:25 $
+$Date: 2017/06/24 17:34:35 $
 <!-- timestamp end -->
 </p>
 </div>