A hidden program called Intel Management Engine (ME), stored on a majority of Intel-based computers, poses such a high security risk that three computer vendors have decided to sell devices with ME disabled.
By using the Trusted Execution Engine (TXE) and Server Platform Services (SPS) alongside ME, your computer can be managed remotely without your knowledge and this can even occur when the device has not been booted but still has power. In this way, an attacker could potentially run malware on a users' computer that would be completely invisible to their OS.
However, to take advantage of most ME's vulnerabilities, an attacker would first need to have physical access to the device they were trying to exploit while some of its vulnerabilities would require administrative credentials to enable remote access which could then be used to exploit the system.
Little is known about Intel ME besides the fact that it is based on the Minix operating system which has been exploited by researchers in the past.
To prevent their users from falling victim to an attack, Dell has decided to sell PCs with ME pre-disabled and two Linux OEMs, System76 and Purism will offer their customers updates to disable the software.
Dell will sell its Latitude 14 Rugged laptop, Latitude 15 E5570 laptop and its Latitude 12 Rugged tablet with ME disabled and the PC vendor is also developing a patch for its existing products.
However, Intel is recommending that users avoid these option with a spokesperson offering more details on the role ME plays on its devices, saying:
"The ME provides important functionality our users care about, including features such as secure boot, two-factor authentication, system recovery, and enterprise device management. Since the described configuration necessarily removes functionality required in most mainstream products, Intel does not support such configurations."
Intel has also released a detection tool so that users can check if their devices are vulnerable.
Image Credit: StockStudio / Shutterstock