A major security flaw has been discovered in the architecture of Intel processors, which could render hardware-based encryption and DRM protection purposeless. Most modern Intel processors released in the last five years are affected by this security flaw. Since the flaw exists on the hardware level, it would be impossible to fix it without completely overhauling the hardware.
With the security flaw present, it could easily allow hackers to come with special malware that can run at the hardware level and cannot be detected by traditional antivirus programs. However, Intel's latest 10th generation processors aren't affected by this flaw.
The flaw was first discovered by a security firm Positive Technologies. The blog post sends out a warning stating, "this vulnerability jeopardizes everything Intel has done to build the root of trust and lay a solid security foundation on the company's platforms."
Flaw that is impossible to fix
The blog continues to explain that the root of the flaw exists in Intel's Converged Management Engine (CSME), which is responsible for securing all firmware that runs on computers powered by Intel. Previously, Intel has patched flaws in the CSME by rolling out a security patch. However, researchers claim that the current flaw renders the CSME firmware unprotected when the computer is booting up, which is open to attacks.
The author continues to describe, "the problem is not only that it is impossible to fix firmware errors that are hard-coded in the Mask ROM of microprocessors and chipsets...The larger worry is that, because this vulnerability allows a compromise at the hardware level, it destroys the chain of trust for the platform as a whole."
When these Intel-based machines are attacked by malware that could bypass OS-level protection, it could lead to decryption of files, forging of hardware IDs, and even extraction of content under DRM protection.
Ars Technica notified this information to Intel and the company responded rather nonchalantly stating, "Intel was notified of a vulnerability potentially affecting the Intel Converged Security Management Engine in which an unauthorized user with specialized hardware and physical access may be able to execute arbitrary code within the Intel CSME subsystem on certain Intel products."
Additionally, Positive Technologies is considering to provide additional information on this issue in a white paper so that other security researchers could study the flaw to gain additional insights.