undefined | Better HN

0 pointscantrevealname5y ago0 comments

> severe AMT vulnerabilities (basically allowing complete takeover of the PC through the network)

Does this mean when the PC was connected by ethernet cable? Even by wifi? The exploit could have worked by visiting an arbitrary website? With no click? (I’m not being skeptical. I just want to understand what’s required for the exploit to work.)

0 comments

wlesieutre5y ago

Here’s one from 2017: https://www.tomshardware.com/news/intel-amt-patch-may-8,3434...

Connected to Ethernet (with Intel hardware), but doesn’t need to be turned on. Must have vPro and AMT enabled.

swiley5y ago

You don't even need to boot the machine much less go to a website.

One of them I think was actually a zero day, you could get up on shodan and find piles of machines that would just let you upload an ISO and boot whatever you wanted on them.

It really is that bad.

corty5y ago

When the computer is off: WiFi would also work if it were configured with an ESSID and credentials. But usually, most people dont't do this.

When it is on: AMT Wifi might also just piggyback on the existing config of the OS.

j / k navigate · click thread line to collapse