Intel AMT Vulnerability CVE-2017-5689

donaghs

Hi, any thoughts people on this vulnerability which potentially affects lots of business computers with intel chips?

Apparently doesn't affect "consumer" computers.

Basically it allegedly could let someone take remote control of parts of your computer, using these intel remote control features.

I get the impression that there isn't much that can be done, until firmware updates are released for each type of machine?
Some
People mention blocking the relevant ports, disabling the Intel LMS in windows, but these are just "risk mitigation" so far?

https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00075&languageid=en-fr

https://www.theregister.co.uk/2017/05/01/intel_amt_me_vulnerability/

ED E

Security through obscurity never works, but Intel have ignored researchers on this for a good while.

Its basically an IPMI on steroids and thus is a Ring -3 vulnerability, and unlike other similar products its not OEM unique so get one get all. Only good thing is enterprise customers will actively patch for the most part where home users would totally miss it.

donaghs

ED E wrote: »

Security through obscurity never works, but Intel have ignored researchers on this for a good while.

Its basically an IPMI on steroids and thus is a Ring -3 vulnerability, and unlike other similar products its not OEM unique so get one get all. Only good thing is enterprise customers will actively patch for the most part where home users would totally miss it.

Yes, but looking at the business machines I use, and have used, e.g. Dell, hp, Lenovo, there's still no firmware updates yet? (Haven't checked today as it's the weekend...)