So that means it's still exploitable over the network? (I thought it would cut it down to local-only). Lenovo is lying to me when it says "disable AMT"?
Then again, maybe it's not actually enabled, since I didn't use the software to do so.
That is a good question. Lenovo's advisory (https://pcsupport.lenovo.com/us/en/product_security/ps500104) does not explicitly state which AMT status makes it vulnerable, but given that Intel ME runs no matter what, I'd go for the disable guide.