Most Valued Members peteyt 396 Posted June 14, 2017 Most Valued Members Posted June 14, 2017 Saw an interesting article a few days ago about a vulnerability in intel's Active Management Technology (AMT). It uses Serial-over-LAN (SOL) to hide communications from the firewall. This feature creates a virtual serial port for sending and receiving data from an authenticated management console. Basically rather than using the host's networking stack hackers have managed to have malware diverted to the AMT chipset and virtual serial driver. Apparently technically it is not a vulnerability, and is simply misusing the feature on an already compromised network. Administrative rights are apparently needed for this to work. hxxp://www.zdnet.com/article/windows-firewall-dodged-by-hot-patching-spies-using-intel-amt-says-microsoft/
Recommended Posts