Semi-Accurate only claims accuracy according to what's on the box. The official documentation of the issue can be found at https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00075
It looks like a software bug in the AMT firmware. Therefore: - No AMT (eg on non-business consumer devices) -> no (bug | exploit). - Present but disabled AMT (eg. on business devices without AMT enrollment) -> no (bug | exploit). (although there's apparently a way to enable AMT unsupervised under some circumstances with some level of local access. or something.)
Patrick
2017-05-02 19:31 GMT+02:00 John Lewis jlewis@johnlewis.ie:
https://semiaccurate.com/2017/05/01/remote-security-exploit-2008-intel-platf...
The article says "all" Intel boards since 2008 are locally vulnerable (ME exploit), but the Intel advisory (linked within) says consumer devices are okay.
What the article says about even low end devices still having the features albeit turned "off" rings true to me, based on stuff I've read here and elsewhere. What's your take (bearing in mind the technical details aren't available, yet)?
-- coreboot mailing list: coreboot@coreboot.org https://mail.coreboot.org/mailman/listinfo/coreboot