Skip to main content

Intel AMT firmware suffers security flaw even when machines are off

8th gen intel core launch
Image used with permission by copyright holder
Another security vulnerability has been revealed that poses a significant risk for a number of PCs running Intel chipsets or processors. This one’s a bit different — and potentially more dangerous — than many other vulnerabilities in that it targets business-class systems in particular. It can also affect machines that aren’t even running.

The flaw, which exists in certain Intel chipset firmware versions utilized by some systems with vPro processors, affects the Active Management Technology, or AMT, feature. AMT lets administrators manage machines via remote connections, and the vulnerability allows attackers to bypass authentication and utilize the same capabilities, Ars Technica reports.

AMT is a part of the remote access features of some systems that allow remote access to a machine even when it’s shut down. As long as such a machine has power, it can by design be accessed with all the intended remote capabilities enabled.

Intel designed AMT to demand a password before allowing remote access via web browser. Unfortunately, the flaw allows attackers to bypass the AMT system’s usual authentication requirement. Tenable Network Security, which has created what it characterizes as the first Intel AMT vulnerability detection capability, describes the flaw as follows:

” … we reduced the response hash to one hex digit and authentication still worked. Continuing to dig, we used a NULL/empty response hash (response=”” in the HTTP Authorization header). Authentication still worked. We had discovered a complete bypass of the authentication scheme.”

As Ars Technica points out, the issue is made even worse by the AMT feature’s design, in which network traffic is passed through the Intel Management Engine and to the AMT, bypassing the operating system. That means that there’s no record of unauthorized access.

Intel indicated in a blog post that PC manufacturers should be releasing patches for affected systems within the week. It also posts a tool to locate and diagnose vulnerable systems. Fujitsu, HP, and Lenovo have provided information on their own affected systems. So far, the Shodan security search engine has located more than 8,500 machines that are vulnerable to attack.

Updated on 5-10-2017 by Mark Coppock: Clarified that the flaw exists in certain chipset firmware and not inherent in Intel vPro processors and removed the incorrect reference to any empty text field being able to bypass AMT authentication.

Editors' Recommendations

Mark Coppock
Mark has been a geek since MS-DOS gave way to Windows and the PalmPilot was a thing. He’s translated his love for…
Best Mac Mini deals: Save over $100 on an Apple desktop
Apple Mac Mini 2018

The Apple Mac Mini is a unique desktop computing option, as it comes in a small form factor that won’t take up much space on a desk. It’s also part of Apple’s new Apple Silicon lineup, which means newer models will pack quite a punch when it comes to performance. Apple’s popularity usually keeps its products from seeing substantial discounts, but we’ve found some out there. A couple could be considered some of the best Apple deals you’ll come across today. If you’re simply looking for a deal on a Mac, consider some iMac deals or MacBook deals, but if you’re sold on some savings for a pint-sized PC that fits within the Apple software ecosystem, read onward for the best Mac Mini deals worth shopping today.
Apple education pricing for new Macs and iPad -- multiple price points

Whether you're a newly accepted college student, returning student, faculty, staff, or homeschooling teacher, of any grade level, Apple offers its education pricing program for discounted hardware rates. That means you can grab an Apple Mac Mini for great prices that won't empty your wallet or bank account before the school year. A bevy of devices are included, not just the Mac Mini, such as MacBook Air, MacBook Pro, displays, and beyond.

Read more
Microsoft just discovered the next big evolution in displays
Resident Evil 4 running on the LG UltraGear 45 gaming monitor.

Microsoft is working on a new patent that aims to bring unprecedented levels of control to displays. The new tech, dubbed Pixel Luminesce for Digital Display, allows you to micromanage every single pixel of your display, adjusting the brightness as needed. If and when this makes it out of the development stage, it could end up being huge for all sorts of use cases, and could bring major improvements to some of the best gaming monitors.

The patent application describing the tech, first shared by Windows Report, describes the new technology as something that would enable selective dimming. With Microsoft's new tech, you could decide that one part of the display stays brighter while the rest of it remains unaffected, and this would happen dynamically.

Read more
These are the 10 best gaming PCs I’d recommend to anyone
Graphics card in the CLX Hathor PC.

We review dozens of gaming PCs each year. In 2024, there are a ton of great options, but we've narrowed down a list of the 10 best gaming desktops that deserve your hard-earned money.

In 2024, we still recommend the Alienware Aurora R16 due to its fantastic design, solid performance, and decent value. However, there are several other options depending on your needs and budget. If you want a deeper look into how we evaluate gaming PCs, make sure to read our post on how we review desktops.

Read more