Security Advisory for Active Management Technology (Skylake)

Loron Gibson -

Service Information Notice: INF8521/INF8511/INF8022/INF8012/INF7023/INF7012/INF6522/INF6512/INF-MCENTER3

Intel SA 00075 Security Advisory for Active Management Technology

 

Issue:

Intel has released an Security Advisory pertaining to potential security vulnerability in PC BIOS that utilize or have the AMT function enabled.

https://software.intel.com/en-us/forums/intel-business-client-software-development/topic/733638

 

Solution:

For the SkyLake PC Module (INF8521/INF8511/INF8022/INF8012/INF7023/INF7012/INF6522/INF6512/INF-MCENTER3) models we are researching with engineering for a BIOS update but in the interim simply disable AMT function in BIOS.

The solution is to disabled the AMT function inside of the BIOS to mediate the risk.

 

Disabling AMT Function:

To meet the requirement for Intel SA 00075 Security Advisory for Active Management Technology the solution is to disable the Intel AMT function inside of the BIOS. There will not be a BIOS update for this PC module.

 

To disable the AMT functionality in the INF8521/INF8511/INF8022/INF8012/INF7023/INF7012/ INF6522/INF6512 PC Module follow the steps below:

  1. Reboot the PC module with a wired keyboard attached. As soon as the system restarts immediately start pressing the “Delete” key on the keyboard continuously every ½ second until the PC boots into the BIOS menu.

Note: If it boots into Windows reboot and try again

  1. Once the PC boots into the BIOS menu right arrow to the “Advanced” tab

 Pic_1.jpg

  1. Then down arrow to the AMT Configuration option and press the “Enter” key on the keyboard

pic_2.jpg

4. With the “Intel AMT” highlighted press enter the select “Disabled” then enter
5. Press “F4” Save & Exit
6. Select “Yes” to save and exit.
7. AMT function is now disabled

 

08-01-2017

Have more questions? Submit a request

Comments

Powered by Zendesk