Intel Active Management Technology - AMT Flaw Password Bypass Threat
The critical Active Management Technology - AMT - flaw present in the firmware running on many Intel chips since 2010 is worse than feared, security researchers warn. In particular, the flaw can be easily exploited to allow a remote attacker to take control of vulnerable systems without even having to enter a password.
Here's Intel official response
Action choose 2 from above;
1. Download MSI install, double click to install.
2. When completed search for Intel-SA-00075 Discovery Tool
3. Run it results, in Unknown
< span class="c1">As per INTEL-SA-00075 Detection Guide[3] recommends further investigating manufacturers link below.
Here's Intel official response
- Intel Active Management Technology, Intel Small Business Technology, and Intel Standard Manageability Escalation of Privilege[1] - read this
- INTEL-SA-00075 Detection Software and Guide[2] - how to solve it
Action choose 2 from above;
1. Download MSI install, double click to install.
2. When completed search for Intel-SA-00075 Discovery Tool
3. Run it results, in Unknown
< span class="c1">As per INTEL-SA-00075 Detection Guide[3] recommends further investigating manufacturers link below.
In my case Gateway is owned by Acer, so I have to check link below, but is not supported :(
As Intel becomes aware of computer maker schedules for updated firmware this list will be updated:
- HP Inc. - http://www8.hp.com/us/en/intelmanageabilityissue.html[4]
- HP Enterprise - http://h22208.www2.hpe.com/eginfolib/securityalerts/CVE-2017-5689-Intel/CVE-2017-5689.html[5]
- Lenovo - https://support.lenovo.com/us/en/product_security/LEN-14963[6]
- Fujitsu - http://support.ts.fujitsu.com/content/Intel_Firmware.asp[7]
- Dell Client - http://en.community.dell.com/techcenter/extras/m/white_papers/20443914[8]
- Dell EMC - http://en.community.dell.com/techcenter/extras/m/white_papers/20443937[9]
- Acer - https://us.answers.acer.com/app/answers/detail/a_id/47162[10]
- Asus - https://www.asus.com/News/uztEkib4zFMHCn5r[11]
- Panasonic - http://pc-dl.panasonic.co.jp/itn/info/osinfo20170512.html[12]
- Intel – NUC, Compute Stick and Desktop Boards[13][14][15]
Intel Processor Identification Utility - Windows* Version[16] produces following result indicates VT technology but no AMT.
References
- ^ Intel Active Management Technology, Intel Small Business Technology, and Intel Standard Manageability Escalation of Privilege (security-center.intel.com)
- ^ INTEL-SA-00075 Detection Software and Guide (downloadcenter.intel.com)
- ^ INTEL-SA-00075 Detection Guide (downloadcenter.intel.com)
- ^ http://www8.hp.com/us/en/intelmanageabilityissue.html (www8.hp.com)
- ^ http://h22208.www2.hpe.com/eginfolib/securityalerts/CVE-2017-5689-Intel/CVE-2017-5689.html (h22208.www2.hpe.com)
- ^ https://support.lenovo.com/us/en/product_security/LEN-14963 (support.lenovo.com)
- ^ http://support.ts.fujitsu.com/content/Intel_Firmware.asp (support.ts.fujitsu.com)
- ^ http://en.community.dell.com/techcenter/extras/m/white_papers/20443914 (en.community.dell.com)
- ^ http://en.community.dell.com/techcenter/extras/m/white_papers/20443937 (en.community.dell.com)
- ^ https://us.answers.acer.com/app/answers/detail/a_id/47162 (us.answers.acer.com)
- ^ https://www.asus.com/News/uztEkib4zFMHCn5r (www.asus.com)
- ^ http://pc-dl.panasonic.co.jp/itn/info/osinfo20170512.html
(pc-dl.panasonic.co.jp) - ^ NUC (www.intel.com)
- ^ Compute Stick (www.intel.com)
- ^ Desktop Boards (www.intel.com)
- ^ Windows* Version (downloadcenter.intel.com)
