Intel just can't get a break. Well it is broken

Just when you thought it was safe go back on the Internet with your PC…

The CSME or the computer in charge of starting your computer, a 486 if you must know, boots up first and then creates it tables and encrypts them. This is vulnerable to attack!

I love the Register’s description. It is like shooting fish in a barrel, well, a lone fish, in a tiny barrel, 1,000 miles away!

Yes, you could hijack the PC, disable DRM and snaffle keys… If you can get a piece of extra hardware onto the device, that boots quicker than the 486 based CSME and can make a DMA write into its protected memory, which is not part of main system memory…

An interesting theoretical attack, found through RTFM, so somebody does read that documentation then! But not really much to worry about in practice. It is certainly another ball drop by Intel, but hardly likely to cause the chaos that some shouty security botherers would have you believe.

Only the current 10th Gen Ice Point chipset isn’t affected, all other Intel chipsets are open to attack, by someone with a long barrelled gun that can sight around the curvature of the Earth and hit a minnow between the eyes at 1,000 miles…

Not something to worry about today… but as Bruce Schneier points out attacks only get better.

Here the take from Ars:

Yea, the “what ifs” get pretty long to utilize that attack. I am not worried

That is my take as well. It is yet another piece of poor engineering - and designed in - but you have a couple of milliseconds at boot time / wake-up time to break into the ME and you need additional special hardware attached to the device.

Yes, but it would be great for the CIA/NSA to make sure an intercepted (temporarily redirected) new in box PC has features the eventual owner might really rather it did not.