Hacker News new | past | comments | ask | show | jobs | submit login

Interesting. So, AMT being a part of VPro might have warranted the inclusion of that term or the term 'Xeon' with a list of SKUs in the original advisory or something if they are affected. Right now it reads as if the server side is a-ok except for some rare beasts, so that's what I'm going on until there is evidence to the contrary.

I'm halfway tempted to call my sysadmin out of bed to check one of our systems that I'm quite sure has VPro to see if it is vulnerable. Fortunately my main server is an AMD Bulldozer box.

Regardless, if it runs AMT you should check it, VPro or not is really besides the point, it's AMT that is the problem, not VPro as such, which is just another marketing term for the ME and application suite if I understand it correctly, and if that were exploitable instead of 'just' AMT it would be much bigger (and worse) news.

But saying that all VPro enabled Xeons or even every Xeon is affected is needlessly alarmist.

Here is a wikipedia article on AMT:


If you look at the list of version you can see they all target Desktop and Mobile, no Xeons besides the one I listed earlier. The document you linked also explicitly states 'PC's', not 'servers', though it is definitely possible that some hosting facilities use (cheaper) desktops as servers.

Well according to the all knowing wikipedia only the Xeon E3-1200 product family has AMT and would be vulnerable. So your servers should be ok, but most every desktop and laptop on your network with an Intel processor from the past 10 years, not so much.

Forgot the link: https://en.wikipedia.org/wiki/Intel_Active_Management_Techno...

The Xeon 3400 as well. I've not yet found any others that are also probably vulnerable.

It would be really nice if Intel would categorically state which Xeon line products are and are not affected.

"So, AMT being a part of VPro "

I thought AMT was a component of VPro. I assumed all VPro systems had it based on early marketing of the management capabilities of VPro. They were just bundling management and security features. Memory too broken to be sure but that feels like what I said to a lot of people over time.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact