Intel ME/AMT Hardware backdoor being exploited in the wild
Posted: Tue May 02, 2017 10:32 am
Hi,
Intel just released patches for a backdoor that basically affects about all[1] their CPUs since 2010.
Make sure you have AMT disabled in BIOS/UEFI ... or quickly grab the patch
How bad is this
That depends. Unless you've explicitly enabled AMT at any point, you're probably fine. The drivers that allow local users to provision the system would require administrative rights to install, so as long as you don't have them installed then the only local users who can do anything are the ones who are admins anyway. If you do have it enabled, though…
further information via http://mjg59.dreamwidth.org/48429.html
[1] Apples are not affected, as they do not ship with AMT firmware inside Management Engine
Intel just released patches for a backdoor that basically affects about all[1] their CPUs since 2010.
Make sure you have AMT disabled in BIOS/UEFI ... or quickly grab the patch
How bad is this
That depends. Unless you've explicitly enabled AMT at any point, you're probably fine. The drivers that allow local users to provision the system would require administrative rights to install, so as long as you don't have them installed then the only local users who can do anything are the ones who are admins anyway. If you do have it enabled, though…
further information via http://mjg59.dreamwidth.org/48429.html
[1] Apples are not affected, as they do not ship with AMT firmware inside Management Engine