Intel announced on May 1st that there is a security flaw in their ADM firmware that has existed for the last ten years. Reports indicate that this flaw can allow a remote attacker to take control of vulnerable systems without having to enter a password.
Intel is reporting that Firmware versions 6.x, 7.x, 8.x 9.x, 10.x, 11.0, 11.5, and 11.6 are affected. Chips running firmware versions prior to 6 and after 11.6 do not have the vulnerability. Intel also notes that "this vulnerability does not exist on Intel-based consumer PCs." Intel has rated the flaw (designated CVE-2017-5689) as "critical." Intel recommends all business customers immediately assess whether they have devices with the vulnerable vPro processors and if so, to patch them immediately.
Well if you have a vPro laptop (i.e. most commercial laptops), then you probably have the flaw.
For more information on the flaw, please see: Intel Active Management Technology, Intel Small Business Technology, and Intel Standard Manageability Escalation of Privilege - https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00075&languageid=en-fr
Intel has released a tool to determine if you are vulnerable: INTEL-SA-00075 Detection Guide - https://downloadcenter.intel.com/download/26755
If you are vulnerable, here’s how Intel says to temporally address it until your vendor has a fix: INTEL-SA-00075 Mitigation Guide - https://downloadcenter.intel.com/download/26754
It looks like Lenovo, HP and Fujitsu have a download available.
Dell will start releasing updates on May 17th.
Dell Client Statement on Intel AMT Advisory (INTEL-SA-00075) - http://en.community.dell.com/techcenter/extras/m/white_papers/20443914/download
Dell/EMC’s Statement on affected servers (PowerEdge T-20 & T30) Can be found here - http://en.community.dell.com/techcenter/extras/m/white_papers/20443937/download
HP HPSBHF03557 rev. 5 - Intel Active Management Technology, Intel Small Business Technology, and Intel Standard Manageability Remote Privilege Escalation - http://www8.hp.com/us/en/intelmanageabilityissue.html
Lenovo - Intel Active Management Technology, Intel Small Business Technology, and Intel Standard Manageability Remote Privilege Escalation - https://support.lenovo.com/us/en/product_security/len-14963
Fujitsu - Advisory note: Intel Firmware vulnerability - http://support.ts.fujitsu.com/content/Intel_Firmware.asp
If you need help, please reach out. We can be of assistance!
Will you be ready when disaster strikes?
You can't miss our Free Webinar:
"Disaster Recovery: Backups are Not Enough"
May 25th @ 10am