Same as the thread title... Intel patches remote execution that dates back to 2008
"The programming blunder can only be fully addressed with a firmware-level update, and it is present in millions of chips. It is effectively a backdoor into computers all over the world."
-
-
I always had some bad vibe with Intel MEI, now it seems my intuition was correct. Currently I hope Dell issues a patch.
Papusan, bennyg, tilleroftheearth and 1 other person like this. -
Starlight5 Yes, I'm a cat. What else is there to say, really?
Same here. If my systems have vPro either absent or disabled, does it mean that they're safe?
Vasudev likes this. -
-
The dangers of secret proprietary firmware exposed yet again.
I especially like how the onus is on OEMs to provide firmware patches. I don't see Clevo testing and releasing ME firmware updates on my EM series lappys I have...Vasudev likes this. -
Support.2@XOTIC PC Company Representative
Oh boy. Chances everyone pushes an update? I'm guessing fairly low.
bennyg, Papusan, Starlight5 and 1 other person like this. -
I can't event find out a good way to tell if a system has vpro yet. It is supposedly for use as an administrotion tool so more likely on buisness hardware.
Intel has some guides but they list 4 methods and they say that you may have to try all 4. I get the feeling that they are not that reliable. -
Processors with Intel VproTechnology
hmscott, Ashtrix, openglcg and 1 other person like this. -
Support.2@XOTIC PC Company Representative
-
hmscott, Ashtrix, tilleroftheearth and 3 others like this.
-
This is not so clear.
My XPS 15 9550 tested "VULNERABLE" with Intel SA-00075 diagnostic tool.
Although the i7-6700hq doesn't have vPro.
It does have the ME (as any Intel processor since about 2008).
Intel(R) Management and Security Application Local Management Service (in charge of interfacing with the ME) is running, and the version number is not among "resolved". ME itself is programmed by BIOS updates afaik.
There are certain related remote admin facilities in BIOS, but I haven't enabled them.
Dell like Intel claims only systems with "pro" features are affected. Not sure if this is concerning remote hackability only.
Local hackability (assuming first infection by other means) would be bad enough, because it would not be detectable / curable by antivirus.hmscott likes this. -
Starlight5 Yes, I'm a cat. What else is there to say, really?
My TPY 260 with i5-6200u reports as non-vulnerable. MEI is disabled in BIOS.
Last edited: May 10, 2017hmscott likes this. -
M4800 with i7-4800MQ reports not vulnerable (ME not provisioned).
hmscott likes this. -
Download Disable Intel AMT
"Disable Intel AMT is a portable batch file to turn off a known Intel Active Management Technology (AMT) vulnerability with many Intel chipsets in Windows."hmscott, openglcg, tilleroftheearth and 3 others like this. -
Support.2@XOTIC PC Company Representative
-
Try again Disable Intel AMThmscott likes this. -
Support.2@XOTIC PC Company Representative
-
I think most laptops have IMEI disabled by default, so even if you test non-vulnerable now you might be vulnerable with IMEI enabled in the BIOS later.Starlight5 likes this. -
Starlight5 Yes, I'm a cat. What else is there to say, really?
@hmscott I'd try, but it turns out there is no such option... it seems I confused it with some other machine, probably X220 tablet which I owned before - that one comes with AMT and an option to disable it through BIOS. I still have access to one of those, will check it and post here.
hmscott likes this. -
Starlight5 Yes, I'm a cat. What else is there to say, really?
Intel patches remote execution that dates back to 2008
Discussion in 'Hardware Components and Aftermarket Upgrades' started by Papusan, May 2, 2017.