Post reply

The message has the following error or errors that must be corrected before continuing:: Warning: this topic has not been posted in for at least 120 days.
Unless you're sure you want to reply, please consider starting a new topic.

Name
Email
Subject
Message icon

Other options

Return to this topic
Don't use smileys

Verification:

Please leave this box empty:

Shortcuts: ALT+S post or ALT+P preview

Topic summary

Posted by Close

- January 15, 2018, 13:54:24

None of the passwords gets reset after anu update. You actually need the password to update anyway. And anyone deploying AMT enabled workstations (or even non-AMT ones) should pro isi on them properly: disable or configure AMT and change the password, disable the MEBx setup dialog, password the BIOS. I've set up provisioning infrastructures for AMT enabled devices since 2008-2009 and they were used to configure tens if not hundreds of thousands of devices. None of them is open for this kind of exploit. Unlike the previous ones where Intel'crappy security was to blame, this time it's crappy system administration. Like complaining that Windows sucks because you have 123456 as administrator password.

What's really scary though is that people with limited understanding of how this works are allowed to write titles like in this article.

Posted by Vaidyanathan

- January 15, 2018, 06:49:57

Quote from: Puppy on January 14, 2018, 16:46:17
Isn't the password reset to the default one again after a BIOS update?

Are you referring to the BIOS password or the MBEx password?

Posted by Puppy

- January 14, 2018, 16:46:17

Isn't the password reset to the default one again after a BIOS update?

Posted by Redaktion

- January 14, 2018, 15:04:20

F-Secure's security researchers discovered another flaw in Intel's Active Management Technology (AMT) that a hacker can potentially misuse to gain remote access to a system.

https://www.notebookcheck.net/Gone-in-30-seconds-New-Intel-AMT-exploit-is-scarier-than-you-can-ever-fathom.278216.0.html