[MichaelGG]

So now that there's more info out, this is only a threat if you have remote management provisioned? And to provision it, you first need code execution on the box?

Is the impact of this bug basically nothing to most users? And to provisioned users, it's just as bad as any bug on a remote management system? That is, the fact it's built in to the CPU makes no difference?

[semi-extrinsic]

I also understand AMT is only found on vPro branded CPUs, which most consumers don't buy.

You can search here to get a list; e.g. select {vPro: yes, Embedded graphics: yes} to see "normal" CPUs that are affected.

http://ark.intel.com/Search/Advanced

[bobsam]

Many enterprise users are affected by this.

[MichaelGG]

Sure but they'd be affected regardless, due to enabling a remote management system. All I'm asking is if there's any real damage because this is built in by Intel. If Intel didn't ship this, then OEMs would, just like e.g. Dell DRAC, right? And that'd have the same attack surface.

[Crespyl]

I'm not familiar with DRAC, but if it's something added by an OEM wouldn't it have to be in the UEFI/BIOS layer or higher?

AMT/ME and its ilk are a physical coprocessor built into the CPU, whether it's "enabled" or not, not something that can be added or removed after the fact.

[qb45]

For now it's just that, remote management authentication bypass. Whether the ability to power up your machine at night and install Windows Millenium Edition for the lulz qualifies as "real damage" is up to you I guess :)

Anyway, you can't do anything Intel's management software doesn't normally support because this would require gaining arbitrary code execution on the ME and it's not what this exploit is about.

[AnimalMuppet]

But, IIUC, this has more power once exploited.