Intel AMT – It’s a feature not a bug
Last weekend I read a twitter message stating that Intel was suffering from yet another security issue. This time with the Active Management Technology (AMT). Even more terrifying is the following that is being said by Harry Sintonen, one of F-Secure’s Senior Security Consultants, “The issue allows a local intruder to backdoor almost any corporate laptop in a matter of seconds, even if the BIOS password, TPM Pin, Bitlocker and login credentials are in place.”. Ouch! However, this issue is not new. It is just not known by a lot of people. An article from 2007 is included in the references below to show that this was an already known issue and that the default password should be changed.
This morning we wanted to know how bad the security issue is and of course how we can exploit this.
Working with different kind of laptops we finally managed to reproduce the issue. As it turns out that exploiting the issue it is not as simple as stated in the F-secure blog (see reference below). Not every system has the Intel Management Engine BIOS Extension (MEBx) enabled. In some cases, the functionality isn’t even available due to lack of licenses. This being said, some functionality can be enabled if you have access to the BIOS.
So, in short:
This is not a direct issue if the system does not have the AMT Setup Prompt (Ctrl-P). If the functionality is present, but disabled, a BIOS password could, in some cases, still reduce the risk of this issue.