News:

Willkommen im Notebookcheck.com Forum! Hier können sie über alle unsere Artikel und allgemein über Notebook relevante Dinge disuktieren. Viel Spass!

Main Menu

Gone in 30 seconds: New Intel AMT exploit is scarier than you can ever fathom

Started by Redaktion, January 14, 2018, 15:04:20

Previous topic - Next topic

Redaktion

F-Secure's security researchers discovered another flaw in Intel's Active Management Technology (AMT) that a hacker can potentially misuse to gain remote access to a system.

https://www.notebookcheck.net/Gone-in-30-seconds-New-Intel-AMT-exploit-is-scarier-than-you-can-ever-fathom.278216.0.html

Puppy


Vaidyanathan

Quote from: Puppy on January 14, 2018, 16:46:17
Isn't the password reset to the default one again after a BIOS update?

Are you referring to the BIOS password or the MBEx password?

Close

None of the passwords gets reset after anu update. You actually need the password to update anyway. And anyone deploying AMT enabled workstations (or even non-AMT ones) should pro isi on them properly: disable or configure AMT and change the password, disable the MEBx setup dialog, password the BIOS. I've set up provisioning infrastructures for AMT enabled devices since 2008-2009 and they were used to configure tens if not hundreds of thousands of devices. None of them is open for this kind of exploit. Unlike the previous ones where Intel'crappy security was to blame, this time it's crappy system administration. Like complaining that Windows sucks because you have 123456 as administrator  password.

What's really scary though is that people with limited understanding of how this works are allowed to write titles like in this article.

Quick Reply

Warning: this topic has not been posted in for at least 120 days.
Unless you're sure you want to reply, please consider starting a new topic.

Name:
Email:
Verification:
Please leave this box empty:

Shortcuts: ALT+S post or ALT+P preview