Previously unknown flaw in Intel chips could allow hackers to steal private data from your computer, security researchers warn
- Using a feature called VISA hackers can gain access to your machine’s memory
- While VISA is turned off, researchers say that hackers can activate it remotely
- The hack can be carried out remotely by using a previous flaw to turn VISA on
- Researchers say that a firmware update by Intel may not go far enough
A recently discovered vulnerability baked inside Intel hardware allows hackers to intercept important data inside one’s computer, say security experts.
The flaw, discovered by the security firm, Positive Technologies, was revealed late last month at a Black Hat conference in Singapore and shows how bad actors can exploit a feature called the The Visualization of Internal Signals Architecture (VISA) to scrape a computer’s memory for sensitive data.
By gaining access to VISA, which is used to test chips before they’re released to the public, hackers can leverage the system to monitor information happening inside a machine’s controller hub — a set of computer chips that controls aspects of the CPU and more — say analysts at Positive Technologies.
According to security experts, an Intel chipset flaw allows hackers to scrape your computers most important information.
‘We found out that it is possible to access Intel VISA on ordinary motherboards, with no specific equipment needed,’ said Positive Technologies expert, Maxim Goryachy, in a statement.
‘With the help of VISA, we managed to partially reconstruct the internal architecture of the PCH microchip.’
While Intel’s VISA tool is turned off by default for all of it’s commercial systems, researchers say that it can activated remotely by exploiting a previous flaw also discovered by Positive Technologies in 2017.
Once accessed, VISA also allows its wielder to create custom rule sets for the computer, giving hackers potentially dangerous levels of control over the machine’s data.
Further compounding the problem, say researchers, is the fact that the task can be accomplished without the use of special hardware.
A firmware update was released by may not go far enough in addressing the issue, say analysts.
‘With the help of publicly available methods, one can access all the might of this technology WITHOUT ANY HARDWARE MODIFICATIONS on publicly available motherboards,’ reads a post on the subject.
WHAT IS THE INTEL VISA FLAW?
According to security experts, a flaw within Intel’s chipset lets hackers access computers’ internal memory.
By exploiting the Visualization of Internal Signals Architecture (VISA) hackers could leapfrog into a machine’s controller hub.
From there, security experts say bad actors could write their own rules and glean much of the machine’s most private data.
While Intel released an update that they say patches the fix, researchers are less certain, citing the ability of hackers to downgrade firmware.
Intel has already released a firmware update to patch up the previously identified flaw, but those who haven’t received the update from their motherboard or laptop manufacturer are still exposed.
The security exploit is not capable of being fixed via routine operating system updates.
In a statement to Forbes, Intel says the exploit was mitigated completely through the firmware patch in 2017, but according to Positive Technologies, hackers can still leverage the flaw by downgrading the machines firmware.
While documentation of Intel’s VISA feature is the subject to non-disclosure-agreements — a choice the company says help keep its customers safer by shrouding its specifications in secrecy — researchers say the choice may also leave users vulnerable to exploits that they can’t even monitor.