<html>
  <head>
    <meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
  </head>
  <body bgcolor="#FFFFFF" text="#000000">
    <div class="moz-cite-prefix">We could just remove or <a
        href="https://github.com/corna/me_cleaner">cleanse</a> the ME to
      seal this loophole.<br>
      <br>
      在 2017年05月02日 00:13, Sam Kuper 写道:<br>
    </div>
    <blockquote
cite="mid:CAD-JurKLtroXO-L2btgR=P5PRQyPyKtbxYPvCPbw5c38h0JZug@mail.gmail.com"
      type="cite">
      <pre wrap="">On 01/05/2017, Shawn <a class="moz-txt-link-rfc2396E" href="mailto:citypw@gmail.com"><citypw@gmail.com></a> wrote:
</pre>
      <blockquote type="cite">
        <pre wrap=""><a class="moz-txt-link-freetext" href="https://semiaccurate.com/2017/05/01/remote-security-exploit-2008-intel-platforms/">https://semiaccurate.com/2017/05/01/remote-security-exploit-2008-intel-platforms/</a>
</pre>
      </blockquote>
      <pre wrap="">
The piece states, "on April 25, Intel released a firmware fix for this
unnamed issue. It affects every Intel machine from Nehalem in 2008 to
Kaby Lake in 2017."

Has anyone here got a link describing or including the fix, either
directly from Intel, or from an OEM? At the moment, there are no
advisories listed at <a class="moz-txt-link-freetext" href="https://security-center.intel.com/advisories.aspx">https://security-center.intel.com/advisories.aspx</a>
newer than April 3, so presumably either the piece is false, or else
the firmware fix was released to OEMs but not publicly.

Discussion elsewhere:

<a class="moz-txt-link-freetext" href="https://news.ycombinator.com/item?id=14237266">https://news.ycombinator.com/item?id=14237266</a>

<a class="moz-txt-link-freetext" href="https://www.reddit.com/r/linux/comments/68ma1a/every_intel_platform_with_amt_ism_and_sbt_from/">https://www.reddit.com/r/linux/comments/68ma1a/every_intel_platform_with_amt_ism_and_sbt_from/</a>

</pre>
    </blockquote>
    <p><br>
    </p>
  </body>
</html>