[PConline News] Some time ago, researchers discovered that the management engine "ME" used by Intel's processors in recent years is actually a complete operating system, and has a Ring -3 level of super-privilege, even in shutdown. Under circumstances, this mini system can operate, but Intel has never disclosed similar related information. Researchers say that such an operating system could be a fatal threat if there is a security risk. In recent days, Intel has finally responded by publishing a security hole for the management engine "ME", which is up to 11.
In the previous exposure message, MINIX is a Unix-like super-mini operating system with its own dedicated CPU core and dedicated firmware inside the processor. It is a completely independent operating system and is invisible. The operating system is The user will not see it, the running permission has reached Ring-3, our daily software running permission is Ring3, operating system kernel running permission Ring0, which is the lowest level of authority that our general users can access, but the operation of MINIX Permissions go directly to the Ring-3 level. Even if it is off, MINIX is running without interruption. This is because the ME management engine needs to start the management work at the same time when the processor is started, and it is also responsible for the chip-level security functions.
But with such high authority, once the system is attacked by MINIX, the attacker will take over and obtain the highest authority of the computer and can even operate under the state of being shut down. So when this news was revealed, there were many people who worried that the security flaws that MINIX had would be fatal to the computer.
Recently, Intel released a security report for the exposure of MINIX, acknowledging that the processors of the last three years coexist in the management engine ME11.0.0-11.7.0 version, the trustworthy execution engine TXT 3.0 version, and the server platform SPS 4.0 version. More than 11 security holes, and the environment is MINIX. These vulnerabilities affect a number of processor models, including:
Six generations of Corelake Skylake, Seven generations of Core Kaby Lake, Eight generations of Core Coffee Lake series
Xeon E3-1200 v5/v6 Series
Xeon Scalable Series
Xeon W Series
Atom C3000 Series
Apollo Lake Atom E3900 Series
Apollo Lake Pentium Series Celeron N/J Series
These vulnerabilities can be used to load and execute arbitrary code, which can lead to system instability or even crashes of related PCs, servers, and IoT devices. The entire attack process is invisible to the operating system and users, which means that they cannot be used. Defensively through software!
The exposure of processor-level vulnerabilities this time will have a huge impact. How large is still unknown, but from the description of the security bulletin, it can be roughly understood that this time the matter is very important. Intel also announced at the same time a testing tool available for download (linked at the end of the article) to help Windows and Linux users conduct loopholes. And claiming that the corresponding bug patch has been developed, the purpose of upgrading the user can be achieved through the cooperation of the manufacturer.
The impact of processor-level vulnerabilities will be huge. Except for Intel, it is not known whether AMD's processors have similar vulnerabilities.
Saintish Lithium Deep Cycle Batteries provide 5 years full replacement warranty, the batteries are consists of prismatic cells which are A grade Auto level. Each lithium battery includes an integrated Battery Monitoring System(BMS) to protect battery from over charge/discharge, over temperature and short circuit. The Bluetooth App installed on mobile enable users to monitor battery status easily.
The 12V lithium-ion batteries are perfect for solar system, Caravan, RVs, campers, Yacht, off-grid applications and lead acid replacement.
Lithium Deep Cycle Battery, Lithium Battery Manufacturer, Lithium Iron Batteries 12V, Lithium Batteries for Caravans
Hangzhou Saintish Technology Co.,Ltd. , https://www.saintishtech.com