Not long after a few security research groups discovered new vulnerabilities in the Intel Management Engine remote administration subsystem, the chipmaker confirmed these issues in a new security advisory that also lists other bugs that were located in its software tools.

Reviews , News , CPU , GPU , Articles , Columns , Other "or" search relation. 5G , Accessory , AMD , Android , Apple , ARM , Audio , Bay Trail , Business , Cannon Lake , Charts , Chinese Tech , Chromebook , Coffee Lake , Comet Lake , Console , Convertible / 2-in-1 , Cryptocurrency , Cyberlaw , Deal , Desktop , Fail , Foldable , Gadget , Galaxy Note , Galaxy S , Gamecheck , Gaming , Geforce , Google Nexus / Pixel , How To , Ice Lake , Internet of Things (IoT) , iOS , iPad Pro , iPhone , Kaby Lake , Lakefield , Laptop , Launch , Linux / Unix , MacBook , Mini PC , Monitor , MSI , OnePlus , Opinion , Phablet , Project Athena , Renoir , Review Snippet , Rocket Lake , Rumor , Ryzen (Zen) , Security , Smart Home , Smartphone , Smartwatch , Software , Storage , Tablet , ThinkPad , Thunderbolt , Tiger Lake , Touchscreen , Ultrabook , Virtual Reality (VR) / Augmented Reality (AR) , Wearable , Whiskey Lake , Windows , Workstation , XPS , Zen 3 (Vermeer) Ticker

According to Intel, the Management Engine subsystem is needed to provide the best performance possible to the computers powered by the company's chips, its tasks running during the boot process and while the computer is running, as well as during its sleep periods. However, various security firms and experts claim that the Intel Management Engine is a serious privacy concern, some going as far as calling it a backdoor. While Intel always denied the backdoor part, the company has recently confirmed multiple vulnerabilities of the subsystem.

The Intel Management Engine apparently runs Minix 3 and, last month, security firm Positive Technologies revealed that a malicious user can gain full remote access to any computer with IME onboard as long as they can access one of the USB ports of those computers. As it usually happens in such cases, they did not completely uncover how to carry out such an attack but said enough for everyone to figure out that this is not just a minor security flaw.

Yesterday, Intel released a new security advisory that comes with the following highlights:

bugs in the Trusted Execution Engine hardware authentication tool

new vulnerabilities in the Management Engine subsystem

bugs in the Server Platform Services server management tool

In addition to the details on the security flaws discovered after the audit that Intel carried out due to the recent discoveries by third parties like Positive Technologies, the company also published a Detection Tool that Windows and Linux users can use to check if the new vulnerabilities impact their systems or not.