Advertisement
If you have a new account but are having problems posting or verifying your account, please email us on hello@boards.ie for help. Thanks :)
Hello all! Please ensure that you are posting a new thread or question in the appropriate forum. The Feedback forum is overwhelmed with questions that are having to be moved elsewhere. If you need help to verify your account contact hello@boards.ie
Hi there,
There is an issue with role permissions that is being worked on at the moment.
If you are having trouble with access or permissions on regional forums please post here to get access: https://www.boards.ie/discussion/2058365403/you-do-not-have-permission-for-that#latest

Intel AMT Vulnerability CVE-2017-5689

  • 05-05-2017 6:55pm
    #1
    Registered Users, Registered Users 2 Posts: 2,820 ✭✭✭


    Hi, any thoughts people on this vulnerability which potentially affects lots of business computers with intel chips?

    Apparently doesn't affect "consumer" computers.

    Basically it allegedly could let someone take remote control of parts of your computer, using these intel remote control features.

    I get the impression that there isn't much that can be done, until firmware updates are released for each type of machine?
    Some
    People mention blocking the relevant ports, disabling the Intel LMS in windows, but these are just "risk mitigation" so far?

    https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00075&languageid=en-fr

    https://www.theregister.co.uk/2017/05/01/intel_amt_me_vulnerability/


Comments

  • Registered Users, Registered Users 2 Posts: 36,170 ✭✭✭✭ED E


    Security through obscurity never works, but Intel have ignored researchers on this for a good while.

    Its basically an IPMI on steroids and thus is a Ring -3 vulnerability, and unlike other similar products its not OEM unique so get one get all. Only good thing is enterprise customers will actively patch for the most part where home users would totally miss it.


  • Registered Users, Registered Users 2 Posts: 2,820 ✭✭✭donaghs


    ED E wrote: »
    Security through obscurity never works, but Intel have ignored researchers on this for a good while.

    Its basically an IPMI on steroids and thus is a Ring -3 vulnerability, and unlike other similar products its not OEM unique so get one get all. Only good thing is enterprise customers will actively patch for the most part where home users would totally miss it.

    Yes, but looking at the business machines I use, and have used, e.g. Dell, hp, Lenovo, there's still no firmware updates yet? (Haven't checked today as it's the weekend...)


Advertisement