AMT is run in the management engine. "The Intel AMT functionality is contained in the ME firmware (Manageability Engine Firmware)."
So, yes, it's the ME that was exploited. AMT is just an app for the ME.
If that's the case, this might really become huge.
If VPro were in all Xeons then each and every Intel based computer in a DC would be affected. And that's clearly not the case. Also, it is not yet clear - at least to me - whether or not VPro is affected at all but if the ME runs AMT then it definitely is affected.
It’s quite an extensive list, and definitely not "only 2"
Though if that is the case, Intel has a much more serious problem on its hands for suggesting that only business desktops and a couple of low-end servers are affected.
Well, he was 'SemiAccurate', not accurate so you have all the reason to believe until further notice that VPro is not affected by this bug and claiming different is like shouting 'fire' in a crowded theater. Absent hard proof I don't think you should make such claims. Though I'm sure most sysadmins here would know the difference between a legitimate claim of such magnitude and an inaccurate one.
SemiAccurate got the gist right but lots of the details wrong.
Considering the fact that people claimed a few hours ago AMT would be entirely secure, I think the opposite should hold true right now. Assume everything is vulnerable, unless proven otherwise.
This is standard practice in most of IT, but apparently we ignore it here.
Well, in that case you'd better disconnect from the internet don't you think?
AMT was not claimed to be 'entirely secure' by anybody that mattered as far as I'm aware and Intel is pretty explicit about this vulnerability. It is a bad one because it is a remotely exploitable one, but it isn't the first vulnerability either.
> This is standard practice in most of IT, but apparently we ignore it here.
Standard practice is to go on facts, not on conjecture or hype. If VPro rather than AMT is exploitable that would be very big news, far larger than the issue currently being reported. So far I have not seen a shred of evidence for that but who knows, that might change and then it will be a very very long night for a lot of people here. For now though there is no reason to be so alarmist.
Also, I'm kind of done with this discussion, you seem to want to hold on to a rumor on a website calling itself 'semi accurate' which in fact was exactly that and for which I'm grateful to them. But they are not authoritative in any way and you should stop making it seem as if they have the last word on this, if you want to make a point show some proof.
VPro or not doesn't matter, if the ME runs AMT then you might be affected if the version numbers are the ones listed in TFA so that's what you should go on, not just on whether or not you have VPro.
And if you don't need it disable this stuff in your BIOS, no need to enlarge your attack surface without a reason.
I can’t. My BIOS has no option for AMT.
But AMT is running, it’s exposed on the specified port via HTTP.
And this is on a consumer PC, with an i7-6700.
Note that the Intel advisory does not list VPro. If that is the case then tomorrow would be a really good time to buy some AMD stock, there would be very very large numbers of Xeons affected.
I'm halfway tempted to call my sysadmin out of bed to check one of our systems that I'm quite sure has VPro to see if it is vulnerable. Fortunately my main server is an AMD Bulldozer box.
Regardless, if it runs AMT you should check it, VPro or not is really beside the point, it's AMT that is the problem, not VPro as such, which is just another marketing term for the ME and application suite if I understand it correctly, and if that were exploitable instead of 'just' AMT it would be much bigger (and worse) news.
But saying that all VPro enabled Xeons or even every Xeon is affected is needlessly alarmist.
Here is a Wikipedia article on AMT:
If you look at the list of versions you can see they all target Desktop and Mobile, no Xeons besides the one I listed earlier. The document you linked also explicitly states 'PC's', not 'servers', though it is definitely possible that some hosting facilities use (cheaper) desktops as servers.
Forgot the link:
It would be really nice if Intel would categorically state which Xeon line products are and are not affected.
I thought AMT was a component of VPro. I assumed all VPro systems had it based on early marketing of the management capabilities of VPro. They were just bundling management and security features. Memory too broken to be sure but that feels like what I said to a lot of people over time.