On Thursday, September 21, 2017 at 12:08:41 PM UTC-4, Hugo Costa wrote:
> On Thursday, 21 September 2017 07:23:01 UTC+1, Alex  wrote:
> > Replying to this thread to report that somebody DID ACTUALLY find an
> > exploitable vulnerability in the latest IME 11+, and they will be
> > sharing nothing less that this UNSIGNED CODE EXECUTION vuln at blackhat
> > europe 2017.
> > 
> > Abstract here:
> > https://www.blackhat.com/eu-17/briefings/schedule/#how-to-hack-a-turned-off-computer-or-running-unsigned-code-in-intel-management-engine-8668
> > 
> > Title is pretty scary, but we'll see if it's actually that dangerous...
> > 
> > -- 
> > Alex
> 
> Was going to post the same. 2 Russian researchers that a couple weeks ago 
> found out a way to clean some modules on Intel ME now have found a 
> significative exploit that allows them to actually run code on a piece of 
> hardware with direct access to the network. The scary thing is - it's 
> impossible to detect.

and thats prolly just what we know about lol.

-- 
You received this message because you are subscribed to the Google Groups 
"qubes-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to qubes-users+unsubscr...@googlegroups.com.
To post to this group, send email to qubes-users@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/qubes-users/c993f589-1ef2-40d3-823e-88f6de5313ac%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to