Hacker News new | past | comments | ask | show | jobs | submit login




That selects for VPro, which is not the same as AMT.

Note that the Intel advisory does not list VPro. If that is the case then tomorrow would be a really good time to buy some AMD stock, there would be very very large numbers of Xeons affected.


But the Intel advisory specifically links to this document[1] to assess your exposure, which just says to look for VPro. The info out there is still garbage at this point, but that seems to be the most authoritative I've seen so far.

[1] https://communities.intel.com/docs/DOC-5693


Interesting. So, AMT being a part of VPro might have warranted the inclusion of that term or the term 'Xeon' with a list of SKUs in the original advisory or something if they are affected. Right now it reads as if the server side is a-ok except for some rare beasts, so that's what I'm going on until there is evidence to the contrary.

I'm halfway tempted to call my sysadmin out of bed to check one of our systems that I'm quite sure has VPro to see if it is vulnerable. Fortunately my main server is an AMD Bulldozer box.

Regardless, if it runs AMT you should check it, VPro or not is really besides the point, it's AMT that is the problem, not VPro as such, which is just another marketing term for the ME and application suite if I understand it correctly, and if that were exploitable instead of 'just' AMT it would be much bigger (and worse) news.

But saying that all VPro enabled Xeons or even every Xeon is affected is needlessly alarmist.

Here is a wikipedia article on AMT:

https://en.wikipedia.org/wiki/Intel_AMT_versions

If you look at the list of version you can see they all target Desktop and Mobile, no Xeons besides the one I listed earlier. The document you linked also explicitly states 'PC's', not 'servers', though it is definitely possible that some hosting facilities use (cheaper) desktops as servers.


Well according to the all knowing wikipedia only the Xeon E3-1200 product family has AMT and would be vulnerable. So your servers should be ok, but most every desktop and laptop on your network with an Intel processor from the past 10 years, not so much.

Forgot the link: https://en.wikipedia.org/wiki/Intel_Active_Management_Techno...


The Xeon 3400 as well. I've not yet found any others that are also probably vulnerable.

It would be really nice if Intel would categorically state which Xeon line products are and are not affected.


"So, AMT being a part of VPro "

I thought AMT was a component of VPro. I assumed all VPro systems had it based on early marketing of the management capabilities of VPro. They were just bundling management and security features. Memory too broken to be sure but that feels like what I said to a lot of people over time.




Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact

Search: