EDIT: from the PDF posted in another thread, looks like the Intel ME ports are 16992, 16993, 16994, 16995, 623, and 664.
Enabling it is tremendously difficult though AFAIK.
"An unprivileged local attacker could provision manageability features gaining unprivileged network or local system privileges"
I would go ahead and assume it's an issue on guest virtual machines. Maybe not, but since they don't explain the vector...
That's the whole problem here, this is an issue that allows a remote attack, not just a local one.
Yes, remote exploitability sucks hard, but that's not the "whole problem"; there's a bigger problem that just remote exploitability.
Step 1: Determine if you have an Intel® AMT, Intel® SBA, or Intel® ISM capable system: https://communities.intel.com/docs/DOC-5693. If you determine that you do not have an Intel® AMT, Intel® SBA, or Intel® ISM capable system then no further action is required.
Step 2: Utilize the Detection Guide to assess if your system has the impacted firmware: https://downloadcenter.intel.com/download/26755. If you do have a version in the “Resolved Firmware” column no further action is required to secure your system from this vulnerability.
- do you have a VPro enabled mac (probably not) or laptop (could be)?
- if so are you running AMT (check bios!)?
- if so is it running one of the affected versions?
- and even if not check if the machine is running LMS and if it does disable that.