Another AMT flaw. It's important to note that this requires *physical access* to exploit. There are few threat models likely to be impacted by the issue. That said, it's a big deal for those who regularly leave laptops unsecured, particularly overseas.https://thehackernews.com/2018/01/intel-amt-vulnerability.html …
For this specific issue, there's no expectation of any local access control unless you set a BIOS password, but when you do set a BIOS pw, there should not be an enabled-by-default AMT bypass to go around it!
-
-
You know it’s enabled by default -when you initially set it up, disable it - set a long password - again config. If you know you will never use it - type a really long random password. Now if it doesn’t allow a really long password - that is a flaw.
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.