Newly discovered flaw in Intel’s Active Management Technology (AMT) firmware is worse than previously thought.
Intel announced on May 1st that there is a security flaw in their ADM firmware that has existed for the last ten years. Reports indicate that this flaw can allow a remote attacker to take control of vulnerable systems without having to enter a password.
Intel is reporting that Firmware versions 6.x, 7.x, 8.x 9.x, 10.x, 11.0, 11.5, and 11.6 are affected. Chips running firmware versions prior to 6 and after 11.6 do not have the vulnerability. Intel also notes that "this vulnerability does not exist on Intel-based consumer PCs." Intel has rated the flaw (designated CVE-2017-5689) as "critical." Intel recommends all business customers immediately assess whether they have devices with the vulnerable vPro processors and if so, to patch them immediately.
What does this mean for you?
Well if you have a vPro laptop (i.e. most commercial laptops), then you probably have the flaw.
For more information on the flaw, please see: Intel Active Management Technology, Intel Small Business Technology, and Intel Standard Manageability Escalation of Privilege - https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00075&languageid=en-fr
Intel has released a tool to determine if you are vulnerable: INTEL-SA-00075 Detection Guide - https://downloadcenter.intel.com/download/26755
If you are vulnerable, here’s how Intel says to temporally address it until your vendor has a fix: INTEL-SA-00075 Mitigation Guide - https://downloadcenter.intel.com/download/26754
It looks like Lenovo, HP and Fujitsu have a download available.
Dell will start releasing updates on May 17th.
Here are links to the vendor responses:
Dell Client Statement on Intel AMT Advisory (INTEL-SA-00075) - http://en.community.dell.com/techcenter/extras/m/white_papers/20443914/download
Dell/EMC’s Statement on affected servers (PowerEdge T-20 & T30) Can be found here - http://en.community.dell.com/techcenter/extras/m/white_papers/20443937/download
HP HPSBHF03557 rev. 5 - Intel Active Management Technology, Intel Small Business Technology, and Intel Standard Manageability Remote Privilege Escalation - http://www8.hp.com/us/en/intelmanageabilityissue.html
Lenovo - Intel Active Management Technology, Intel Small Business Technology, and Intel Standard Manageability Remote Privilege Escalation - https://support.lenovo.com/us/en/product_security/len-14963
Fujitsu - Advisory note: Intel Firmware vulnerability - http://support.ts.fujitsu.com/content/Intel_Firmware.asp
If you need help, please reach out. We can be of assistance!
Will you be ready when disaster strikes?
You can't miss our Free Webinar:
"Disaster Recovery: Backups are Not Enough"
May 25th @ 10am