Intel just released patches for a backdoor that basically affects about all their CPUs since 2010.
Make sure you have AMT disabled in BIOS/UEFI ... or quickly grab the patch
How bad is this
That depends. Unless you've explicitly enabled AMT at any point, you're probably fine. The drivers that allow local users to provision the system would require administrative rights to install, so as long as you don't have them installed then the only local users who can do anything are the ones who are admins anyway. If you do have it enabled, though…
further information via http://mjg59.dreamwidth.org/48429.html
 Apples are not affected, as they do not ship with AMT firmware inside Management Engine