Hacker News new | past | comments | ask | show | jobs | submit login

Yes. This affects the management engine, an independent firmware that runs in your system wether it runs linux, windows BSD. It is still running even if your computer is off (in fact, one of its capabilities is to turn it on remotely).

Edit to add: independent of what Intel might say about this (given it seems it has taken 5 years to disclose this and 5 major firmware versions I won't trust too much what they say about consumer pcs not being affected). Check if your cpu and motherboard support AMT and if it is enabled. All workstations I've worked with have it, but there are a lot of machines that have it disabled by default unless you specifically turn it on. So, you might be affected if you have a "supported" processor and (I guess) an Intel NIC onboard and wired, and remote capabilities enabled.




What if I disable AMT in the BIOS setting? Does that make these Windows programs irrelevant?


I'm mostly interested in if servers with ipmi (supermicro in particular) are vulnerable, and to what degree. If it's the network with the ipmi ports, that's one thing, but if it's public facing...

Much stuff is going to be hitting fans.


IIUC the SuperMicro BMC is different software on a separate third-party chip. So it's reasonably likely to be vulnerable, but not to this particular vulnerability.


Your IPMI should be on a private management network, at least. If you haven't done that, I hope you at least changed the default password.


Yeah, that's pretty easy on this generation. But there was a previous generation where the IPMI piggybacked on one of the main NICs, where it was a lot easier to accidentally expose that to unfriendly traffic.


It's not entirely clear if this'll be exploitable except in the rather rare scenario where someone has actually set up AMT.




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: