Intel, the world’s largest supplier of chips used in computers and laptops, has disclosed details of a major security flaw.
The bug, which potentially affects thousands of Windows users worldwide, lay undiscovered for the best part of a decade and can allow hackers to gain control of your PC without a password and even when it is turned off.
The bug lets hackers take control of your mouse and keyboard remotely, granting them full access to all the files on your PC, while at the same time letting them install viruses and malware onto your hard drive.
The flaw is made possible as it allows hackers to bypass Intel’s security on what is known as the AMT port, which is typically used by IT departments and network administrators to remotely access computers in order to provide technical support and install software.
The flaw was first revealed by Intel last week, but it has now been discovered that exploiting it as easy as simply ignoring the password requirement at the point of login.
Researchers from security firm Embedi were the first to report the issue to Intel and have now revealed that by leaving the password field blank is enough to allow a hacker to get access to the AMT system.
“We’re able to manage the AMT via the regular web browser as if we’ve known the admin password,” the firm revealed.
“Keep silence when challenged and you’re in.”
Intel has not publicly revealed how many users are affected and the AMT system only exists on business computers and laptops rather than on consumer devices. However, if you have every connected your laptop or computer to your work network, there is a chance you personal data could still be compromised.