Intel CPUs have serious bug: vulnerable to remote attacks

Intel issues a new security alert, saying that a large range of its CPUs are vulnerable to remote attacks.

1 minute & 45 seconds read time

Intel has found itself in seriously hot water, issuing a new security alert that management firmware on a bunch of new PC, server, and Internet-of-Things processor platforms are vulnerable to a remote attack.

Intel CPUs have serious bug: vulnerable to remote attacks |

Mark Ermolov and Maxim Goryachy of Positive Technologies Research found the new vulnerabilities, which could see attackers remotely launching commands on Intel-based computers. We're talking about most desktop and laptop CPUs launched under the Core brand since 2015, and even Xeon and Atom lines of processors.

Intel CPUs Affected By Remote Attack Bugs:

  • Intel Core processors from the 6th generation ("Skylake"), 7th generation ("Kaby Lake"), & 8th Generation ("Kaby Lake-R" and "Coffee Lake") families-the processors in most desktop and laptop computers since 2015;
  • Multiple Xeon processor lines, including the Xeon Processor E3-1200 v5 & v6 Product Family, Xeon Processor Scalable family, and Xeon Processor W family;
  • The Atom C3000 Processor Family and Apollo Lake Atom Processor E3900 series for networked and embedded devices and Internet of Things platforms, and
  • Apollo Lake Pentium and Celeron™ N and J series Processors for mobile computing.

If you want to see if your system is part of the wave of vulnerable to remote attacks, the company has released a detection tool that you can download right here. The tool is built for enterprise users that can throw up a command line tool that generals XML, so don't expect a flashy UI and ease of use.

Intel's own security team has said that "in response to issues identified by external researchers, Intel has performed an in-depth comprehensive security review of its Intel® Management Engine (ME), Intel® Trusted Execution Engine (TXE), and Intel® Server Platform Services (SPS) with the objective of enhancing firmware resilience".

Intel Management Engine firmware updates v11.0 through to v11.20 were found to have four vulnerabilities, while two more were found in earlier versions of ME. Another two vulnerabilities were discovered in Server Platform Services v4.0 firmware, and another two in TXE v3.0.

Partners React

Dell has since issued a statement advising that over 100 of their systems are affected, including powerful lines like Inspiron, Latitude, Aliwanre, OptiPlex, and more. Lenovo has also warned its users. Dell is expecting new firmware soon, while Lenovo is said to have something new by tomorrow, November 23.


Anthony joined the TweakTown team in 2010 and has since reviewed 100s of graphics cards. Anthony is a long time PC enthusiast with a passion of hate for games built around consoles. FPS gaming since the pre-Quake days, where you were insulted if you used a mouse to aim, he has been addicted to gaming and hardware ever since. Working in IT retail for 10 years gave him great experience with custom-built PCs. His addiction to GPU tech is unwavering and has recently taken a keen interest in artificial intelligence (AI) hardware.

Newsletter Subscription

Related Tags