Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Intel AMT Vulnerability - a worry for home users?


  • Please log in to reply
4 replies to this topic

#1 Itchy01

Itchy01

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:02:01 PM

Posted 16 January 2018 - 02:02 AM

Hi

 

In Australia, we can subscribe to an alert service (Stay Smart Online) which today published "Does your business use Intel’s AMT? Then keep reading!" It is the usual generally-worded stuff, not much of a springboard for action.

 

The SSO article implies only business computer users need be alarmed, although I'm never convinced vulnerabilities know they're confined to offices.

 

So, does anyone know whether humble John-&-Jane-Citizen users need to take action? If so, what "how-to"s are available, because I couldn't find anything to translate the article's recommendation "If you don’t need AMT, you should disable it in the device BIOS straightaway" into actions.

 

I looked at:

I also noted similar conniptions about AMT back in May 2017:

To quote Williams (first article): "To recap: Intel provides a remote management toolkit called AMT for its business and enterprise-friendly processors; this software is part of Chipzilla's vPro suite and runs at the firmware level, below and out of sight of Windows, Linux, or whatever operating system you're using."

 

Again, this seemed to reinforce the idea of different CPUs to what mum and dad (and the kids) would be using. But ... ?

 

And, is the latest (Sintonen/Google) discovery different to early 2017's or more of the same?

 

Cheers

 

Itchy01



BC AdBot (Login to Remove)

 


#2 SleepyDude

SleepyDude

  • Malware Response Team
  • 3,075 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Portugal
  • Local time:08:01 PM

Posted 16 January 2018 - 05:01 AM

Hi,
 

To quote Williams (first article): "To recap: Intel provides a remote management toolkit called AMT for its business and enterprise-friendly processors; this software is part of Chipzilla's vPro suite and runs at the firmware level, below and out of sight of Windows, Linux, or whatever operating system you're using."
 
Again, this seemed to reinforce the idea of different CPUs to what mum and dad (and the kids) would be using. But ... ?

 

There are machines on the market by big brands that include the Intel AMT functionality, if you search on google with the name of the Intel processor you have (ex i7-3770) you will find an Intel web page with the technical specs of the processor, look for "Intel vPro Technology" Yes.

 

The processor is one part the other is that you need a motherboard compatible with that feature to be at risk. My understanding is that the Intel AMT features available will depend on what the manufacturer implemented and the hardware involved.

 

From what I have read it seems the vulnerabilities on the Intel AMT can be "resolved" by simply disabling this feature, by default the network access is disabled on Intel AMT so if no one ever enabled that it will not put the machine at risk.

 

Some manufactures provide updates for the BIOS that also update the Intel AMT code others provide independent download just with the updates for the Intel AMT.

If you see two updates been provided make sure you install both.

 

And, is the latest (Sintonen/Google) discovery different to early 2017's or more of the same?

 

Yes Intel AMT is different from the recent Spectre and Meltdown security problems.

 

Intel AMT is basically software that can be fixed with update of code, the other problems is more hardware (processors) related and hard to fix...


• Please do not PM me asking for support. Post on the forums instead it will increases the chances of getting help for your problem by one of us.
• Posts in the Malware section that are not replied to within 4 days will be closed. PM me or a moderator to reactivate.
• Please post your final results, good or bad. We like to know! Thank you!

 
Proud graduate of GeekU and member of UNITE
___
Rui

 
 


#3 Itchy01

Itchy01
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:02:01 PM

Posted 16 January 2018 - 05:45 PM

Thanks Sleepy Dude

 

My CPU's a 4th gen. I looked it up on the site your example came from.

 

My page didn't have  "Intel vPro Technology" under Advanced Technologies. (Or Intel Turbo Boost Technology). The remaining 5 technologies listed on your example page under Advanced Technologies, however, were there. Is it bad news for me that "Intel vPro Technology" is missing?

 

Quote: "From what I have read it seems the vulnerabilities on the Intel AMT can be "resolved" by simply disabling this feature".

I don't know how to do this so any "how-to" instructions gratefully accepted.

 

Quote: "by default the network access is disabled on Intel AMT so if no one ever enabled that it will not put the machine at risk."

Again - pleading my gumby status - any "how-to" instructions on how to access the appropriate file and dialogue box to check this also gratefully accepted.

 

Many thanks

 

Itchy01



#4 SleepyDude

SleepyDude

  • Malware Response Team
  • 3,075 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Portugal
  • Local time:08:01 PM

Posted 16 January 2018 - 05:50 PM

Thanks Sleepy Dude

 

My CPU's a 4th gen. I looked it up on the site your example came from.

 

My page didn't have  "Intel vPro Technology" under Advanced Technologies. (Or Intel Turbo Boost Technology). The remaining 5 technologies listed on your example page under Advanced Technologies, however, were there. Is it bad news for me that "Intel vPro Technology" is missing?

 

No it means you don't have to worry with Intel AMT because your machine don't have that.


• Please do not PM me asking for support. Post on the forums instead it will increases the chances of getting help for your problem by one of us.
• Posts in the Malware section that are not replied to within 4 days will be closed. PM me or a moderator to reactivate.
• Please post your final results, good or bad. We like to know! Thank you!

 
Proud graduate of GeekU and member of UNITE
___
Rui

 
 


#5 Itchy01

Itchy01
  • Topic Starter

  • Members
  • 35 posts
  • OFFLINE
  •  
  • Local time:02:01 PM

Posted 16 January 2018 - 07:51 PM

Hi SleepyDude

 

Many thanks! One thing less to worry about :).

 

Cheers

 

Itchy01






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users