This is potentially very bad for many people, as this is presumably exposed outside the firewall on the computer, and is OS-independent.
That means any laptop that leaves a firewalled LAN is exposed to a remote root exploit. The Intel "Management Engine" (ME) runs along side the main processor. It piggybacks on the network ports, and can read/write any memory or disk location in the system. If an attacker can gain control of the ME, they can do whatever they want, outside the OS. Reportedly some (most?) chipsets are vulnerable even if you're not using the ME or have it nominally disabled. Even when not vulnerable to remote attack, everything is locally vulnerable. It appears firmware fixes have to come from the motherboard vendor. https://m.theregister.co.uk/2017/05/01/intel_amt_me_vulnerability/ https://security-center.intel.com/advisory.aspx?intelid=INTE L-SA-00075&languageid=en-fr -- Ben
_______________________________________________ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss/
