|
|
|
|
|
|
by thyrsus
3334 days ago
|
|
|
The article says that a Local Management Service (LMS) must be installed for the bug to be demonstrated[0], and describes a Windows package that provides that. Is there a Linux equivalent? [0] I say "demonstrated" instead of "exploited", since I don't understand the details sufficiently to rule out exploitation in the absence of LMS. |
|
|
I haven't looked into the exploit, but if the attack uses AMT's http(s) interface, you could also simply access the AMT port(s) from a remote machine. The service simply allows one to speak to the local ME.