In May this year Intel announced a serious remote exploit vulnerability in their Intel Active Management Technology (AMT). AMT is a a hardware and firmware technology for remote out-of-band management of computers. Intels full summary of the technology and the vulnerability is here.
If the Intel AMT feature was not something in use by your organisation it was simply best to patch then disable the feature. There were however in some cases no patches provided by some hardware vendors.
Good news! Intel have updated their advisory to say more firmware updates available to address Intel AMT vulnerability you can read that advisory here.
If you were left with machines in your fleet unpatched because of this nows a great time to go back and check for updates.
You can do so for some of the more popular vendors here:
- HP Inc. - http://www8.hp.com/us/en/intelmanageabilityissue.html
- HP Enterprise - http://h22208.www2.hpe.com/eginfolib/securityalerts/CVE-2017-5689-Intel/CVE-2017-5689.html
- Lenovo - https://support.lenovo.com/us/en/product_security/LEN-14963
- Fujitsu - http://www.fmworld.net/globalpc/intel_firmware/
- Dell Client - http://en.community.dell.com/techcenter/extras/m/white_papers/20443914
- Dell EMC - http://en.community.dell.com/techcenter/extras/m/white_papers/20443937
- Acer - https://us.answers.acer.com/app/answers/detail/a_id/47605
- Asus - https://www.asus.com/News/uztEkib4zFMHCn5r
- Panasonic - http://pc-dl.panasonic.co.jp/itn/info/osinfo20170512.html
- Toshiba - https://support.toshiba.com/sscontent?contentId=4015668
- Getac - http://intl.getac.com/aboutgetac/activities/activities_2017051648.html
- Intel – NUC, Compute Stick and Desktop Boards
- Samsung - http://www.samsung.com/uk/support/intel_update/