Cnet reported in early March of this year that a flaw had been discovered in the ROM (Read-Only Memory) of many of Intel’s processor chips. The issue was announced in May of 2019 but updated in March.
Many users have asked me how a processor could have errors in its functions. Processors have had errors or unexpected functions for years, but current systems have microprocessors that are thousands of times more complex than earlier ones and more closely resemble the complex processors of mainframe computers of decades ago, and are even more powerful than they were.
Early large electronic computers had very simple processors with instructions that were created by wiring them directly together. Changes could be made by engineers by moving wires from one place to another or by adding tubes or transistors, depending on the era. This approach was similarly used in many single-chip microprocessors. These designs were inflexible. The operations of the single-chip processors could (generally) not be changed once they were created.
The difficulty in fixing bugs led to the large computers being designed with an interesting approach: instead of executing stored programs directly, the processor looked in a special memory area for instructions on how to execute the stored programs. For instance, a simple instruction to add a and b might have micro instructions along the lines of “clear the adder, get a from memory, add it to the adder, get b from memory, add it to the adder”. Presumably, the result would then be stored somewhere. Those microinstructions are called microcode and stored in memory that the processor can access quickly. The operation of individual instructions (e,.g. add or multiply) could be changed by changing the microcode for the instruction. (As an aside, the floppy disk was developed to load the microcode in IBM mainframes.)
Some computers have changeable microcode and some do not.
In modern microprocessors such as those from Intel and AMD, the processors do a lot more than execute the instructions of operating systems and programs. These processors have “engines” or “subsystems” that provide security or device management functions. These features make the processors more securable and easier to manage, particularly in enterprise environments.
The issue is that as the systems get more complex the greater the possibility of errors. Errors in processing instructions are generally discovered before the chips are sent out to users. Errors in the other engines may not be discovered as quickly. They are generally discovered by security researchers who are specifically looking or vulnerabilities.
In the case of the Intel, vulnerabilities disclosed last year and updated this month, the vulnerabilities were found by Positive Technologies in the Intel Converged Security Management Engine and other subsystems. While difficult to exploit they represent a potentially serious problem. Some aspects of the issue have been addressed with software changes, but some may not be able to be fixed because the software is in ROM.
Intel has advised end-users of the processors (you, me, and the organizations with which we work) to take two important precautions to prevent bad guys from exploiting the bugs: keep the systems physically secure, and keep software updated. These are precautions we advise in e.g. Learning Tree Course 468, System and Network Security Introduction. These precautions are good for many reasons, and now to help mitigate this threat. These vulnerabilities are difficult to exploit and appear to require the ability to act during the boot process, so physical security is essential.