Intel vulnerabilities are slowly however certainly turning into one thing that’s quite common these days, with researchers lately coming throughout a brand new concern that might enable a malicious actor to extract the {hardware} signing keys from a pc.

Needless to say, the safety flaw, which is tracked as CVE-2019-0090, is worrying for everybody whose gadgets could be impacted, particularly because the variety of exploits launched by attackers with native entry may develop within the quick time period.

But should you’re utilizing a Librem Linux laptop computer launched by Purism, you’re completely protected, as the corporate says its implementation of the Intel ME doesn’t enable an attacker to use the flaw on its Intel-based computer systems.

“The cause our {hardware} isn’t susceptible to this ME vulnerability is much like why we haven’t been susceptible to previous ME exploits like a latest AMT vulnerability,” Purism explains.

“For starters, we disable and neutralize the ME to take away all however essentially the most important modules, which for previous exploits (comparable to AMT vulnerabilities) has meant there was nothing to use. For CVE-2019-0090, the assault is towards a core and elementary module we do embrace, nonetheless as a result of we don’t use Intel {hardware} signing keys for root of belief in any respect, it assaults options we don’t use.”

Full safety

And this doesn’t cease right here. Not solely that Librem Intel-based computer systems, together with right here each the mini-PC, laptops, and servers, aren’t affected as a result of the vulnerability targets a characteristic Purism doesn’t use within the first place, however further protections have additionally been put in place by way of the PureBoot firmware.

“This is as a result of the contents of the ME is a part of the PureBoot firmware picture and is among the many issues that PureBoot exams for tampering. Someone who may modify the ME with an exploit would set off a PureBoot alert the following time the person activates the pc,” Purism notes.

While the Librem lineup of {hardware} just isn’t affected by this safety flaw, it doesn’t imply Linux methods are all protected. The vulnerability impacts all computer systems working on the susceptible Intel platform.