Отправлено с iPhone
9 мая 2017 г., в 11:34, Marcus Meissner <meissner@suse.de> написал(а):
On Tue, May 09, 2017 at 04:29:25AM -0400, Greg Freemyer wrote: I see nothing to suggest this doesn't impact Linux installs on the affected PCs.
http://www.zdnet.com/article/intel-chip-vulnerability-lets-hackers-easily-re...
"But Embedi warned that any affected internet-facing device with open ports 16992 and 16993 are at risk. "Access to ports 16992/16993 are the only requirement to perform a successful attack," said the Embedi researchers."
The bug is pretty horrendous and gives remote attackers access to the remote console. If you have auto-login enabled it may give the attacker a nice logged in GUI.
This is actually the Intel Management Engine, which is totally out of control of the operating system.
To add - those ports are intercepted by IME before reaching OS. So they are not related to open ports in OS which is running on this system, and closing those ports *in OS* won't fix it in any way.
Yes, close those ports, disanble Intel ME in BIOS etc.
Ciao, Marcus
-- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
-- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org