Reply to post: M$ grade Fubar

How to remote hijack computers using Intel's insecure chips: Just use an empty login string


M$ grade Fubar

My i7 toting HP Elitebook is one such machine, although out of the box, AMT, VPro etc is not enabled.

Accessing the ports listed in the article just gives a message saying there's no active Intel Management Engine (IME) available to do anything. I went a wandering in the BIOS and found some related options which I've studiously left disabled. Not good though that there's a webserver on those ports telling you anything in the first place though. Sounds like some router based port blocking is in order...

Not wishing to downplay the severity, but from what I understand of vPro etc, if your machine (like mine) has discrete graphics, the VNC remote control option is not available. it only works with Intel embedded graphics which a lot of machines don't have enabled at all. Business users would probably have no need for discrete graphics (Interwebs, Excel etc) but as a home user, the GPU does come in handy for video editing (although not being a patch on something like an RX 480).

However, in a corporate environment I can see this creating a veritable sh1tstorm. If you can get physical access to the corporate network, then I shudder to think what sort of nasties could end up doing the rounds.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon


Biting the hand that feeds IT © 1998–2019