Intel PMx driver flaw gave hackers complete control of devices

Recently a flaw found in Intel PMx driver has led the tech giant to release an update, this vulnerability could have given the hackers complete control over a targeted device.

The vulnerability was found out by Eclypsium (Firmware security firm) researchers after a deep dive into the state of security with a host of drivers and their interaction with the Windows kernel. Their research was disclosed in August, but the vulnerability was kept quiet as Intel worked to fix it.

The issue stems from how the driver interacts with the Windows kernel and underlying hardware and firmware.

Normally, even if a person has administrator access to a Windows machine, various security protocols and measures restrict what they can do and access at a firmware and kernel level. However, the depth of access the Intel PMx driver could have allowed a compromised administrator account to effectively gain huge levels of control of a computer.

Essentially, a hacker operating in the least privileged user space of a Windows device could have exploited the PMx driver and other vulnerable drivers with their high-level access to the Windows kernel to bring malware to bear in parts of a Windows system where the most privileged access is needed.

Although Intel has come out with a momentary solution with the recent update, it stated that, "The only universally available option possible today is to block or blacklist old, known-bad drivers."