Critical vulnerability in Intel processor firmware undiscovered for 10 years

The error made it possible to bring the affected computers under the control of the attackers via their remote maintenance functions. A firmware update from Intel is required to close the gap, but this is not available for all affected systems. However, the vulnerability can only be exploited if one of the following technologies is set up and active on a system (this is disabled by default):

Affected are systems running Intel Manageability Firmware versions 6.x, 7.x, 8.x, 9.x, 10.x, 11.0, 11.5, and 11.6 for Intel Active Management Technology, Intel® Small Business Technology, and Intel Standard manageability work. Versions before 6 or after 11.6 are not affected.

Intel recommends using a detection guide (https://downloadcenter.intel.com/download/26755) to check if a system is affected by the firmware vulnerability. A check by the OEM of the system also provides information about the update status of the firmware: Versions in which the security gap has been closed have a four-digit build number beginning with 3, eg 8.1.71.3608.

If a firmware update is no longer possible for your system, we recommend disabling AMT, which can generally be done in the BIOS / UEFI settings of the computer concerned.