English Community

ThinkPad NotebooksThinkPad: P and W Series Mobile Workstations
All Forum Topics
Options

554 Posts

06-30-2011

GI

1350 Signins

3952 Page Views

  • Posts: 554
  • Registered: ‎06-30-2011
  • Location: GI
  • Views: 3952
  • Message 1 of 12

critical update: "intel management Engine 8.1 Firmware" a potential major security back door?

2017-06-05, 7:45 AM

I was pretty shocked to see this update.  Apparently, intel management engine is a backdoor which allows full control of the machine, even if the power is off. It is something on intel motherboards.  It has been noted that a backdoor can be used by a) legitimate corporate administrators, b) hackers c) gov. organisations.

 

Firstly, why would any user want to install a back door which allows undetectable access to the machine without the users knowlege or inteveition?

 

Secondly, why is this installed by Lenovo as standard, if it is only used by some large organisations?

 

Or am I wrong?

 

I have seen many articales about it saying "Intels management engine is the single most dangerous piece of computer hardward ever created", mainly because it has access to everything and noone knows exactly what it can do.

 

Now I am trying to find a way to remove this major security back door.

 

It seems that noone knows if disabling it in the bios is actaully disabling it, or not. It seems not, as you can still get a response from AMT if you hit: http://127.0.0.1:16992/logon.htm, and if you open the "intel management and security status" application, it says that AMT is enabled.

 

It seems ifyou connect to a public wifi, the machnes AMT is avaible to everyone on the network.

 

I have also seen that there are exploits allowing hackers to gain full access to your machine with trivial exploits such as sending null password.

 

Very very bad.

 

Solved! See the solution
Reply
Options

9644 Posts

12-27-2009

CA

3312 Signins

95273 Page Views

  • Posts: 9644
  • Registered: ‎12-27-2009
  • Location: CA
  • Views: 95273
  • Message 2 of 12

Re: critical update: "intel management Engine 8.1 Firmware" a potential major security bac

2017-06-05, 7:57 AM
Management Engine's behavior has been well documented since it's inception. You're a little late to the party :)

The legitimate and intended use of the feature is for system administrators to provision and manage corporate machines remotely and conveniently.

It's not installed by Lenovo as standard, but rather Intel on any platform certified vPro (your system would have had this sticker from the factory).

If you are not in a corporate environment managed by Intel AMT, then it only provides risks and zero benefit. Removing it is impossible; wiping the ME firmware externally causes your system to shutdown 30 minutes after boot.

The firmware update you see fixes an exploitable vulnerability that was recently discovered in Intel's ME firmware.

W520: 2960XM, Q2000M @ 1091/1380, 32GB RAM, 500GB&750GB HDD & 500GB SSD, FHD&MB168B+
X61T: L7500, 4GB RAM, 500GB HDD, XGA screen, Ultrabase
W550s: 5600U, K620M at 1164/1281, 16GB RAM, 512GB SSD, 3K touchscreen
X200s: SL9400, 6GB RAM, 64GB SD card, WXGA+ screen
TPT1: 1839-23U

0 person found this solution to be helpful.

This helped me too

Reply
Options

554 Posts

06-30-2011

GI

1350 Signins

3952 Page Views

  • Posts: 554
  • Registered: ‎06-30-2011
  • Location: GI
  • Views: 3952
  • Message 3 of 12

Re: critical update: "intel management Engine 8.1 Firmware" a potential major security bac

2017-06-05, 8:01 AM
Thanks for the reply. I am very late for the party! I am amazed that this has no solution, and is accepted by consumers. I will make sure my next laptop does not have an intel motherboard, or equivalent back doors.
Reply
Options

554 Posts

06-30-2011

GI

1350 Signins

3952 Page Views

  • Posts: 554
  • Registered: ‎06-30-2011
  • Location: GI
  • Views: 3952
  • Message 4 of 12

Re: critical update: "intel management Engine 8.1 Firmware" a potential major security bac

2017-06-05, 8:05 AM

Would installing a firewall on the laptop and blocking 16992 help, or is this intercepted by AMT before the OS is given the connection?  Obviously this would not work if the laptop is switched off.

Reply
Options

9644 Posts

12-27-2009

CA

3312 Signins

95273 Page Views

  • Posts: 9644
  • Registered: ‎12-27-2009
  • Location: CA
  • Views: 95273
  • Message 5 of 12

Re: critical update: "intel management Engine 8.1 Firmware" a potential major security bac

2017-06-05, 14:08 PM
A lot of people would probably be unaware of Management Engine at all. AMD has their own similar solution, so you can't really switch to AMD either.

A software firewall won't help as it is intercepted by AMT in hardware long before your software firewall sees it, if it sees it at all.

W520: 2960XM, Q2000M @ 1091/1380, 32GB RAM, 500GB&750GB HDD & 500GB SSD, FHD&MB168B+
X61T: L7500, 4GB RAM, 500GB HDD, XGA screen, Ultrabase
W550s: 5600U, K620M at 1164/1281, 16GB RAM, 512GB SSD, 3K touchscreen
X200s: SL9400, 6GB RAM, 64GB SD card, WXGA+ screen
TPT1: 1839-23U
Reply
Options

1 Posts

06-21-2017

CH

3 Signins

50 Page Views

  • Posts: 1
  • Registered: ‎06-21-2017
  • Location: CH
  • Views: 50
  • Message 6 of 12

Re: critical update: "intel management Engine 8.1 Firmware" a potential major security bac

2017-06-21, 8:02 AM

Hi

I am trying to update the Intel Management engine 8.1 firmware but my Lenovo ThinkPad X1 Carbon is just hanging. I have run the Intel Unprovision tool but it does not seem to improve the situation. Anybody have any ideas how to resolve.

 

Thanks


Sam

Reply
Options

3821 Posts

12-02-2007

US

9031 Signins

188738 Page Views

  • Posts: 3821
  • Registered: ‎12-02-2007
  • Location: US
  • Views: 188738
  • Message 7 of 12

Re: critical update: "intel management Engine 8.1 Firmware" a potential major security bac

2017-07-07, 4:34 AM


I am a volunteer and neither a Lenovo nor a Microsoft employee.

L380 YogaP72 (20MB-*)P50 (20EN-*)S230u (3347-4HU)T23 (2648-LU7)T42 (2378-R4U)T43p (2678-H7U)T61p (6459-CTO)W510 (4318-CTO)W530 (2441-4R3)W530 (2441-4R3)X100e (3508-CTO)X120e (0596-CTO)X220 (4286-CTO)X250 (20CM-*)Yoga 370

  Communities:   English    Deutsche    Español    Português    Русскоязычное    Česká    Slovenská    Українська   Język Polski    Moto English


Need an answer, fast? Try using Browser Search to find it in the Lenovo and Moto Community
Reply
Options

94 Posts

05-26-2016

US

97 Signins

736 Page Views

  • Posts: 94
  • Registered: ‎05-26-2016
  • Location: US
  • Views: 736
  • Message 8 of 12

Re: critical update: "intel management Engine 8.1 Firmware" a potential major security bac

2017-11-22, 16:06 PM

"late to the table"

 

Time to do some reading about the problem, it's seriousness, and it's date.

 

Beverly Howard

Reply
Options

94 Posts

05-26-2016

US

97 Signins

736 Page Views

  • Posts: 94
  • Registered: ‎05-26-2016
  • Location: US
  • Views: 736
  • Message 9 of 12

Re: critical update: "intel management Engine 8.1 Firmware" a potential major security bac

2018-05-18, 19:02 PM

Looks like the Lenovo forum is totally adrift.

 

First of all, this is not "solved" but more embarrassingly, I just received an email post notification this morning for the post made by BAAM on 06-21-2017

 

Beverly Howard

Reply
Options

43 Posts

11-16-2016

US

73 Signins

495 Page Views

  • Posts: 43
  • Registered: ‎11-16-2016
  • Location: US
  • Views: 495
  • Message 10 of 12

Re: critical update: "intel management Engine 8.1 Firmware" a potential major security bac

2018-05-18, 21:45 PM

This can't be. This is like sleeping at night with your house's main door open and with a huge sign that says come have all you want. There has to be a way to get around this

Reply
Forum Home

Community Guidelines

Please review our Guidelines before posting.

Learn More

Check out current deals!

Go Shop
X

Save

X

Delete