A lot of PCs will not get fixes for Intel Management Engine flaws until 2018

Earlier this week, we wrote that Intel had patched security bugs in the Management Engine of its processors. This is a pretty controversial feature of Intel's processor platforms because it's basically a hidden layer that runs the MINIX operating system in the processor. Some security experts believe it is an NSA backdoor and now that the first exploits have been discovered they're definitely right that Management Engine is a big security risk.

So far, little attention has been given to MINIX but now that the cat is out of the bag a lot more hackers will focus on this. What makes this so dangerous is that advanced attacks can remain totally hidden from the user, and they're very persistent. Formatting your disk or flashing your BIOS will not clear you from this malware.

A separate problem is that there's no easy way to patch this kind of security flaws. When there's a new bug found in an operating system like Windows, Microsoft can roll out a patch via Windows Update but there's no automated mechanism to update flaws in hidden operating systems that run on a much deeper level.

Every motherboard has its own BIOS so what has to happen is that every single motherboard manufacturer and OEM PC maker needs to compile updates to fix the flaws in the Intel Management Engine. Earlier today, I wrote that Gigabyte rolled out new BIOS updates for its motherboards. We can also see that ASUS rolled out updates for some of its motherboards but a lot of other companies are a lot slower.

A look at Intel's revised security advisory reveals that many products will not be getting an update until January 2018, if not later. Some companies haven't even uploaded support notifications yet, and even Intel isn't planning to roll out updates for its NUC, Compute Stick and Compute Card products until sometime in December 2017.