Just when we were finally starting to forget about Spectre, another critical flaw in many Intel processors comes along. The good news is, it’s difficult to exploit. The bad news is, it doesn’t look possible to fully patch this flaw—your only recourse is to upgrade.
The flaw in question exists in Intel’s Converged Security and Management Engine (CSME), which is a part of the chip that handles the bootup process, among other things. When your first turn your PC on, it does a Power On Self Test (POST), and this chip handles that. It also handles power levels, firmware, and cryptographic functions.
When you boot your computer, the first thing the chip does is protect its own memory as a security caution. Unfortunately, there’s a tiny window of vulnerability that hackers can take advantage of to load malicious code. Because the CSME is so wide-reaching, that malicious code could eventually take over an entire system.
Intel already released a patch that should partially mitigate the problem, but it’s impossible to remove the flaw altogether. The good news is, hackers would need a sophisticated understanding of the problem, along with a unique set of tools, and physical access to your machine to use the flaw to load malicious code on your machine. That lessens the likelihood of widespread issues.
But, for anyone who wants total protection, there’s one option—upgrade to 10th-Generation Intel processors, which don’t have the flaw.