July 18, 2018

Intel patches new ME vulnerabilities


In early July, Intel issued security advisories SA-00112 and SA-00118 regarding fixes for vulnerabilities in Intel Management Engine. Both advisories describe vulnerabilities with which an attacker could execute arbitrary code on the Minute IA PCH microcontroller.

The vulnerabilities are similar to ones previously discovered by Positive Technologies security experts last November (SA-00086). But that was not the end of the story, as Intel has now released fixes for additional vulnerabilities in ME.

June 14, 2018

Apple fixed firmware vulnerability found by Positive Technologies

The vulnerability allowed exploiting a critical flaw in Intel Management Engine and still can be present in equipment of vendors that use Intel processors.

Apple released an update for macOS High Sierra 10.13.4, which fixes the firmware vulnerability CVE-2018-4251 found by Positive Technologies experts Maxim Goryachy and Mark Ermolov. For more details, see Apple Support.

May 11, 2018

Take Part in PHDays 8 Online CTF


Positive Hack Days 8 will start in a couple of days, and we have lots of exciting stuff not only for participants who will visit the event at the venue. Two online contests (HackQuest and Competitive Intelligence) have already been finished, but we have more to come.

Starting from May 15 and until May 22, PHDays online CTF will take place. Everyone can participate, challenges vary in difficulty, and are mainly aimed at beginners, but skilled professionals will find it interesting as well.