English Community

Software and Operating SystemSecurity & Malware
All Forum Topics
Options

33 Posts

01-07-2015

PL

209 Signins

1180 Page Views

  • Posts: 33
  • Registered: ‎01-07-2015
  • Location: PL
  • Views: 1180
  • Message 21 of 44

Re: Remote security exploit in all 2008+ Intel platforms

2017-05-05, 20:58 PM

i5-6200U don't have vPro but ThinkPad T560 can have other processors that have vPro technology:

i7-6600U

i5-6300U

http://www3.lenovo.com/us/en/laptops/thinkpad/thinkpad-t-series/T560/p/22TP2TT5600

Reply
Options

33 Posts

01-07-2015

PL

209 Signins

1180 Page Views

  • Posts: 33
  • Registered: ‎01-07-2015
  • Location: PL
  • Views: 1180
  • Message 22 of 44

Intel AMT - quick temporary fix until new BIOS release

2017-05-06, 9:23 AM
Reply
Options

58 Posts

04-18-2016

US

78 Signins

624 Page Views

  • Posts: 58
  • Registered: ‎04-18-2016
  • Location: US
  • Views: 624
  • Message 23 of 44

Re: Remote security exploit in all 2008+ Intel platforms

2017-05-06, 17:30 PM

There is a simpler way.

netstat -na | findstr "\<16993\> \<16992\> \<16994\> \<16995\> \<623\> \<664\>"


should return nothing. If it does return something, you can run the mitigation guide at https://mattermedia.com/blog/disabling-intel-amt/

Reply
Options

149 Posts

04-23-2016

US

194 Signins

1027 Page Views

  • Posts: 149
  • Registered: ‎04-23-2016
  • Location: US
  • Views: 1027
  • Message 24 of 44

Is the P70 affected by the hijacking flaw that lurked in Intel chips?

2017-05-06, 21:16 PM

My following post that was originally posted on the Thinkpad P70 forum was just moved here. I'm still a bit confused and trying to figure out if my P70 is affected and how I can secure it. I'm weary about installing anything else from Intel to see if I am affected by this issue. is there a BIOS setting I can turn of for anything else I can do to definitevly know if my P70 is affected:

 

ORIGINAL POST:

 

I just read this article on Ars Technica that I find very concerning:

 

The hijacking flaw that lurked in Intel chips is worse than anyone thought | Ars Technica

"A remote hijacking flaw that lurked in Intel chips for seven years was more severe than many people imagined, because it allowed hackers to remotely gain administrative control over huge fleets of computers without entering a password. This is according to technical analyses published Friday."

 

And from what I can tell on the Lenovo Advisory below, Lenovo is listing the P70 as "affected." Does anyone know more about this and if only certain P70 configurations are affected or if they are all affected. I definitely don't want a hijacking backdoor in my P70 and I'm trying to figure out what is the best way to remove this threat from my computer.

 

Can this "feature" be disabled at the BIOS level? 

 

Lenovo Advisory: https://support.lenovo.com/us/en/product_security/LEN-14963

 

More info: https://arstechnica.com/security/2017/05/intel-patches-remote-code-execution-bug-that-lurked-in-cpus-for-10-years/

Reply
Options

149 Posts

04-23-2016

US

194 Signins

1027 Page Views

  • Posts: 149
  • Registered: ‎04-23-2016
  • Location: US
  • Views: 1027
  • Message 25 of 44

Re: Remote security exploit in all 2008+ Intel platforms

2017-05-07, 2:42 AM

wrote:

There is a simpler way.

netstat -na | findstr "\<16993\> \<16992\> \<16994\> \<16995\> \<623\> \<664\>"


should return nothing. If it does return something, you can run the mitigation guide at https://mattermedia.com/blog/disabling-intel-amt/


So I just issued the above command and pretty much just received the command prompt back. Does that mean that my Thinkpad P70 is unaffacted by this flaw?

 

C:\WINDOWS\system32>netstat -na | findstr "\<16993\> \<16992\> \<16994\> \<16995\> \<623\> \<664\>"

 

C:\WINDOWS\system32>

Reply
Options

33 Posts

01-07-2015

PL

209 Signins

1180 Page Views

  • Posts: 33
  • Registered: ‎01-07-2015
  • Location: PL
  • Views: 1180
  • Message 26 of 44

Re: Remote security exploit in all 2008+ Intel platforms

2017-05-07, 8:54 AM

Can anybody explain me why I am censored on this forum if I try to help ?

 

 

I think you can't censor full internet...

Reply
Options

2375 Posts

05-01-2010

US

12621 Signins

145598 Page Views

  • Posts: 2375
  • Registered: ‎05-01-2010
  • Location: US
  • Views: 145598
  • Message 27 of 44

Re: Remote security exploit in all 2008+ Intel platforms

2017-05-07, 11:32 AM

wrote:

Can anybody explain me why I am censored on this forum if I try to help ?

 


Hi Luc_T410,

I don't see that you were censored. A post was merged from another forum so all discussion would be in this topic.  An entire post shouldn't disappear unless there is a violation of forum rules. I'm wondering if the community software removed your post when it merged the other one.

Try reposting that, and let's see if it stays.






Microsoft MVP Consumer Security 2006-2016 / Windows Insider MVP 2016-Present
I am not employed by Microsoft or Lenovo.


Deutsche Community Comunidad en Español English Community Русскоязычное Сообщество Communidade Portugues


Using Browser Search to Find Your Answers In Lenovo and Moto Community
Reply
Options

33 Posts

01-07-2015

PL

209 Signins

1180 Page Views

  • Posts: 33
  • Registered: ‎01-07-2015
  • Location: PL
  • Views: 1180
  • Message 28 of 44

Re: Remote security exploit in all 2008+ Intel platforms

2017-05-07, 12:16 PM
My first post that was moved here can be find in page 1, no problem.
After that I only posted in this thread.
This solution was in page 3 as first message that I posted yesterday and today I updated after I had confirmation that is viable for remote access from all other hosts but not from local host using LMS.
Short time after I updated my whole post disappeared... you can see the print screens I have it.

No more comments from me here as this solution I made it available for everybody interested on other places:
https://forum.pfsense.org/index.php?topic=130046.msg716793#msg716793
...
https://communities.intel.com/thread/114172
Reply
Options

2375 Posts

05-01-2010

US

12621 Signins

145598 Page Views

  • Posts: 2375
  • Registered: ‎05-01-2010
  • Location: US
  • Views: 145598
  • Message 29 of 44

Re: Remote security exploit in all 2008+ Intel platforms

2017-05-07, 15:24 PM

I found the problem. It should be fixed now. :smileyhappy:

Check your Message Inbox.

Thanks

Reply
Options

33 Posts

01-07-2015

PL

209 Signins

1180 Page Views

  • Posts: 33
  • Registered: ‎01-07-2015
  • Location: PL
  • Views: 1180
  • Message 30 of 44

Re: Remote security exploit in all 2008+ Intel platforms

2017-05-07, 16:32 PM
Thank you.
Reply
Forum Home

Community Guidelines

Please review our Guidelines before posting.

Learn More

Check out current deals!

Go Shop
X

Save

X

Delete