Bad news for Intel and for Apple, which is a user of these chips. Especially those Macs prior to the integration of the T1 and T2 chips, that is, those prior to 2016. A new vulnerability has been discovered in them, and the biggest problem is that it cannot be solved, so the security flaw is present continuously.
The new vulnerability allows breaking the chain of trust of many processors and chipsets manufactured by Intel, leaving the doors open to the elimination of encryption and identification protections by hardware and / or DRM.
This vulnerability of the Intel chips, fully affects the FileVault system of the Mac
The vulnerability is concentrated in what is called CSME (Converged Security Management Engine). An element that is responsible for securing the firmware of those computers with an Intel processor, and Macs prior to 2016, have them. Furthermore, this security breach could directly affect the security system. FileVault encryption Of Apple, yes, those Macs that have the chi T1 or T2 are not affected by this failure.
Vulnerability has a double origin, since there is an unsolvable software failure (hard-coded) and an error in the CSME firmware itself, which initiates the authentication process. So, this can not be fixed and it's serious enough that these chips are no longer used in Macs.
In fact, the existence of a future Mac with ARM chip. It is logical, since the Intel are causing too many problems. Some of them have been solved, however this latest discovery means that trust in this company and its security measures has been lost.
Intel, has ensured that with the corresponding updates of the CSME and the BIOS, they will mitigate the possibilities of suffering a local attack and try to block all possible vectors of exploitation. However, they warn that the possibility of a physical attack would break security.
