[Spooky23]

It does very little.

As usual with AMT, there's a lot of noise, but these vulnerabilities to date have only been exploitable with activated AMT. With activation you can patch, etc.

And as I always point out in these stories, if Intel AMT freaks you out, Google "absolute software embedded bios".

[mr_overalls]

Black Hat Briefings 2009 - researchers show that the implementation of the Computrace/LoJack agent embedded in the BIOS has vulnerabilities and that this "available control of the anti-theft agent allows a highly dangerous form of BIOS-enhanced rootkit that can bypass all chipset or installation restrictions and reutilize many existing features offered in this kind of software."

Black Hat 2014 - Kaspersky demonstrates local and remote exploitation of first-stage CompuTrace agent (small agent, it is used only to install full version of rootkit after activation of LoJack or after reinstallation of Windows)

https://www.blackhat.com/docs/us-14/materials/us-14-Kamlyuk-...

Holy hell.

[yuhong]

Ah, the laptop anti-theft arms race.