The Notebook Review forums were hosted by TechTarget, who shut down them down on January 31, 2022. This static read-only archive was pulled by NBR forum users between January 20 and January 31, 2022, in an effort to make sure that the valuable technical information that had been posted on the forums is preserved. For current discussions, many NBR forum users moved over to NotebookTalk.net after the shutdown.
Problems? See this thread at archive.org.

    Intel patches remote execution that dates back to 2008

    Discussion in 'Hardware Components and Aftermarket Upgrades' started by Papusan, May 2, 2017.

  1. Papusan

    Papusan Jokebook's Sucks! Dont waste your $$$ on Filthy

    Reputations:
    42,708
    Messages:
    29,842
    Likes Received:
    59,625
    Trophy Points:
    931
    Same as the thread title... Intel patches remote execution that dates back to 2008

    "The programming blunder can only be fully addressed with a firmware-level update, and it is present in millions of chips. It is effectively a backdoor into computers all over the world."
     
    Ashtrix, bennyg and tilleroftheearth like this.
  2. Vasudev

    Vasudev Notebook Nobel Laureate

    Reputations:
    12,035
    Messages:
    11,278
    Likes Received:
    8,814
    Trophy Points:
    931
    I always had some bad vibe with Intel MEI, now it seems my intuition was correct. Currently I hope Dell issues a patch.
     
  3. Starlight5

    Starlight5 Yes, I'm a cat. What else is there to say, really?

    Reputations:
    826
    Messages:
    3,230
    Likes Received:
    1,643
    Trophy Points:
    231
    Same here. If my systems have vPro either absent or disabled, does it mean that they're safe?
     
    Vasudev likes this.
  4. Vasudev

    Vasudev Notebook Nobel Laureate

    Reputations:
    12,035
    Messages:
    11,278
    Likes Received:
    8,814
    Trophy Points:
    931
    You might be safe, but there might be some ports open used for remote analysis of PC. Dunno what to do now?
     
  5. bennyg

    bennyg Notebook Virtuoso

    Reputations:
    1,567
    Messages:
    2,370
    Likes Received:
    2,375
    Trophy Points:
    181
    The dangers of secret proprietary firmware exposed yet again.

    I especially like how the onus is on OEMs to provide firmware patches. I don't see Clevo testing and releasing ME firmware updates on my EM series lappys I have...
     
    Vasudev likes this.
  6. Support.2@XOTIC PC

    Support.2@XOTIC PC Company Representative

    Reputations:
    486
    Messages:
    3,148
    Likes Received:
    3,490
    Trophy Points:
    331
    Oh boy. Chances everyone pushes an update? I'm guessing fairly low.
     
  7. openglcg

    openglcg Notebook Consultant

    Reputations:
    20
    Messages:
    240
    Likes Received:
    118
    Trophy Points:
    56
    I can't event find out a good way to tell if a system has vpro yet. It is supposedly for use as an administrotion tool so more likely on buisness hardware.

    Intel has some guides but they list 4 methods and they say that you may have to try all 4. I get the feeling that they are not that reliable.
     
    bennyg and Papusan like this.
  8. Papusan

    Papusan Jokebook's Sucks! Dont waste your $$$ on Filthy

    Reputations:
    42,708
    Messages:
    29,842
    Likes Received:
    59,625
    Trophy Points:
    931
    You're welcome :vbthumbsup: Processors with Intel VproTechnology



     
  9. Support.2@XOTIC PC

    Support.2@XOTIC PC Company Representative

    Reputations:
    486
    Messages:
    3,148
    Likes Received:
    3,490
    Trophy Points:
    331
    Thanks for posting that. :)
     
    hmscott and Papusan like this.
  10. aaronne

    aaronne Notebook Evangelist

    Reputations:
    321
    Messages:
    466
    Likes Received:
    524
    Trophy Points:
    106
    Software from Intel posted from @_sem_ https://downloadcenter.intel.com/download/26755
     
  11. _sem_

    _sem_ Notebook Deity

    Reputations:
    100
    Messages:
    776
    Likes Received:
    271
    Trophy Points:
    76
    This is not so clear.
    My XPS 15 9550 tested "VULNERABLE" with Intel SA-00075 diagnostic tool.
    Although the i7-6700hq doesn't have vPro.
    It does have the ME (as any Intel processor since about 2008).
    Intel(R) Management and Security Application Local Management Service (in charge of interfacing with the ME) is running, and the version number is not among "resolved". ME itself is programmed by BIOS updates afaik.
    There are certain related remote admin facilities in BIOS, but I haven't enabled them.
    Dell like Intel claims only systems with "pro" features are affected. Not sure if this is concerning remote hackability only.
    Local hackability (assuming first infection by other means) would be bad enough, because it would not be detectable / curable by antivirus.
     
    hmscott likes this.
  12. Starlight5

    Starlight5 Yes, I'm a cat. What else is there to say, really?

    Reputations:
    826
    Messages:
    3,230
    Likes Received:
    1,643
    Trophy Points:
    231
    My TPY 260 with i5-6200u reports as non-vulnerable. MEI is disabled in BIOS.
     
    Last edited: May 10, 2017
    hmscott likes this.
  13. alexhawker

    alexhawker Spent Gladiator

    Reputations:
    500
    Messages:
    2,540
    Likes Received:
    792
    Trophy Points:
    131
    M4800 with i7-4800MQ reports not vulnerable (ME not provisioned).
     
    hmscott likes this.
  14. Papusan

    Papusan Jokebook's Sucks! Dont waste your $$$ on Filthy

    Reputations:
    42,708
    Messages:
    29,842
    Likes Received:
    59,625
    Trophy Points:
    931
    Download Disable Intel AMT

    "Disable Intel AMT is a portable batch file to turn off a known Intel Active Management Technology (AMT) vulnerability with many Intel chipsets in Windows."
     
  15. Support.2@XOTIC PC

    Support.2@XOTIC PC Company Representative

    Reputations:
    486
    Messages:
    3,148
    Likes Received:
    3,490
    Trophy Points:
    331
    Link's broken already? I think there's an official version inbound though.
     
    hmscott and Papusan like this.
  16. Papusan

    Papusan Jokebook's Sucks! Dont waste your $$$ on Filthy

    Reputations:
    42,708
    Messages:
    29,842
    Likes Received:
    59,625
    Trophy Points:
    931
    Major Geeks have probably had some problems... @hmscott
    Try again Disable Intel AMT
     
    hmscott likes this.
  17. Support.2@XOTIC PC

    Support.2@XOTIC PC Company Representative

    Reputations:
    486
    Messages:
    3,148
    Likes Received:
    3,490
    Trophy Points:
    331
    Works now thanks.
     
    hmscott and Papusan like this.
  18. hmscott

    hmscott Notebook Nobel Laureate

    Reputations:
    7,110
    Messages:
    20,384
    Likes Received:
    25,139
    Trophy Points:
    931
    Just for grins you might enable it and retest :)

    I think most laptops have IMEI disabled by default, so even if you test non-vulnerable now you might be vulnerable with IMEI enabled in the BIOS later.
     
    Starlight5 likes this.
  19. Starlight5

    Starlight5 Yes, I'm a cat. What else is there to say, really?

    Reputations:
    826
    Messages:
    3,230
    Likes Received:
    1,643
    Trophy Points:
    231
    @hmscott I'd try, but it turns out there is no such option... it seems I confused it with some other machine, probably X220 tablet which I owned before - that one comes with AMT and an option to disable it through BIOS. I still have access to one of those, will check it and post here.
     
    hmscott likes this.
  20. Starlight5

    Starlight5 Yes, I'm a cat. What else is there to say, really?

    Reputations:
    826
    Messages:
    3,230
    Likes Received:
    1,643
    Trophy Points:
    231
    @hmscott I tried on Thinkpad X220 Tablet with AMT disabled in BIOS, yet it is still reported as vulnerable by Intel software. I ran Disable Intel AMT linked by @Papusan , hope it helps.
     
    hmscott likes this.