Ah, I understand. The Mitigation guide says: "Intel highly recommends that the f... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

weinzierl on May 3, 2017 | parent | context | favorite | on: Disabling Intel AMT on Windows

Ah, I understand. The Mitigation guide says: "Intel highly recommends that the first in all mitigation paths is to unprovision the Intel manageability SKU to address the network privilege escalation vulnerability".

Unprovisioning AMT seems to be the essential part and I am curious if the other steps serve any real purpose.

The Mitigation Guide goes on to say: "Systems that are vulnerable [...] should be unprovisioned using the tools used to initially configure them [...] As an example, the Intel AMT Configuration Utility [...]"

So ACUConfig is just an example and specifically not the Intel recommended way. OP doesn't say that.

gaia on May 3, 2017 [–]

ACUConfig is the Intel recommended way, per the mitigation guide (at least for now, until a patch is released).

weinzierl on May 3, 2017 | [–]

Quote from the Mitigation Guide:

"Systems that are vulnerable [...] should be unprovisioned using the tools used to initially configure them [...]"

Consider applying for YC's Fall 2025 batch! Applications are open till Aug 4
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact