A security flaw on Intel (INTC -3.67%) CPUs that was supposedly fixed last year, wasn’t, leaving scores of computer users still at risk.
Positive Technology, the security research firm said an error in the chipset’s read-only memory could enable hackers to compromise encryption keys and steal data. The research firm said most of Intel’s chipsets released during the past five years have the security flaw. Making it worse, Positive Technology said it’s “impossible” to detect a key breach and it’s unfixable.
Image source: Getty Images.
“With the chipset key, attackers can decrypt data stored on a target computer and even forge its Enhanced Privacy ID (EPID) attestation, or in other words, pass off an attacker computer as the victim's computer,” wrote Positive Technology in the report.
Intel has been offering software updates to address the vulnerability but Positive Technology said users should move to a tenth generation or later Intel CPU instead. The researchers did note it would require a highly advanced hacker to exploit the vulnerability.
Positive Technology’s latest findings further complicate Intel’s efforts to improve its reputation as security problems plague its processors. In the spring flaws were discovered on Intel CPUs that allow hackers to steal data recently accessed by the processors. Intel issued a patch after the flaw was discovered by researchers at Graz University of Technology. The flaw affects almost every chip Intel made since 2011.
News of the latest Intel flaw comes as the novel coronavirus is causing global business disruptions and negatively impacting the supply chain for a host of technology companies. Both Apple (AAPL -2.41%) and Microsoft (MSFT -1.32%) have warned due to the virus’ impact on smartphone and computer sales. Intel hasn’t seen an impact yet but said recently customers are beginning to suffer.
