Intel’s ME has a microcontroller that operates with the Platform Controller Hub chip, in combination with combined peripherals. It manages much of the data moving between the processor and external machines and thus has access to a maximum data on the host computer.
If jeopardized, it becomes a backdoor, providing an attacker authority over the affected machine.
That incident set off alarms in May, with the revealing of a vulnerability in Intel’s Active Management Technology, a firmware App that works on the Intel ME.
The announcement prompted calls for a way to incapacitate the poorly read hardware. At the time, the Electronic Frontier Foundation called it a protection hazard. The tech advocacy group needed a way to disable “the undocumented master controller inside our Intel chips” and data about how the technology works.
An informal workaround called ME Cleaner can somewhat hinder the technology, but cannot fully eliminate it. “Intel ME is an irremovable condition with an unknown signed proprietary firmware, with full system and memory access, which poses a grave security threat,” the project explains.
On Monday, Positive Technologies researchers Dmitry Sklyarov, Mark Ermolov, and Maxim Goryachy said they had discovered a way to turn off the Intel ME by setting the undocumented HAP bit to 1 in a form file.
HAP is for high assurance platform. It’s an IT security framework developed by the US National Security Agency, an institution that might want a way to incapacitate a feature on Intel chips that presents a security risk.
“In answer to requests from consumers with specific requirements we sometimes search the change or disabling of certain features,” Intel’s spokesperson said. “In this case, the changes were made at the request of machine manufacturers in the maintenance of their customer’s evaluation of the US government’s ‘High Assurance Platform’ program. These changes underwent a limited validation cycle and are not an authorized supported configuration.”
Take your time to comment on this article.
