Jump to content

Malware uses Intel AMT to bypass Windows Firewall


peteyt
 Share

Recommended Posts

  • Most Valued Members

Saw an interesting article a few days ago about a vulnerability in intel's Active Management Technology (AMT). It uses Serial-over-LAN (SOL) to hide communications from the firewall. This feature creates a virtual serial port for sending and receiving data from an authenticated management console. Basically rather than using the host's networking stack hackers have managed to have malware diverted to the AMT chipset and virtual serial driver. Apparently technically it is not a vulnerability, and is simply misusing the feature on an already compromised network. Administrative rights are apparently needed for this to work. 

hxxp://www.zdnet.com/article/windows-firewall-dodged-by-hot-patching-spies-using-intel-amt-says-microsoft/

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...