Skip to main content
  1. Home
  2. Computing
  3. News

Intel AMT firmware suffers security flaw even when machines are off

By
Add as a preferred source on Google

Another security vulnerability has been revealed that poses a significant risk for a number of PCs running Intel chipsets or processors. This one’s a bit different — and potentially more dangerous — than many other vulnerabilities in that it targets business-class systems in particular. It can also affect machines that aren’t even running.

The flaw, which exists in certain Intel chipset firmware versions utilized by some systems with vPro processors, affects the Active Management Technology, or AMT, feature. AMT lets administrators manage machines via remote connections, and the vulnerability allows attackers to bypass authentication and utilize the same capabilities, Ars Technica reports.

Recommended Videos

AMT is a part of the remote access features of some systems that allow remote access to a machine even when it’s shut down. As long as such a machine has power, it can by design be accessed with all the intended remote capabilities enabled.

Intel designed AMT to demand a password before allowing remote access via web browser. Unfortunately, the flaw allows attackers to bypass the AMT system’s usual authentication requirement. Tenable Network Security, which has created what it characterizes as the first Intel AMT vulnerability detection capability, describes the flaw as follows:

” … we reduced the response hash to one hex digit and authentication still worked. Continuing to dig, we used a NULL/empty response hash (response=”” in the HTTP Authorization header). Authentication still worked. We had discovered a complete bypass of the authentication scheme.”

As Ars Technica points out, the issue is made even worse by the AMT feature’s design, in which network traffic is passed through the Intel Management Engine and to the AMT, bypassing the operating system. That means that there’s no record of unauthorized access.

Intel indicated in a blog post that PC manufacturers should be releasing patches for affected systems within the week. It also posts a tool to locate and diagnose vulnerable systems. Fujitsu, HP, and Lenovo have provided information on their own affected systems. So far, the Shodan security search engine has located more than 8,500 machines that are vulnerable to attack.

Updated on 5-10-2017 by Mark Coppock: Clarified that the flaw exists in certain chipset firmware and not inherent in Intel vPro processors and removed the incorrect reference to any empty text field being able to bypass AMT authentication.

Mark Coppock
Mark Coppock
Former Computing Writer
Mark Coppock is a Freelance Writer at Digital Trends covering primarily laptop and other computing technologies. He has…
Topics
Gemini Live can finally remember what you told it in past conversations
A quiet update brings chat history recall to Gemini Live, a feature text-based Gemini has had for over a year.
Home screen of Gemini Live with camera and screen sharing.

Talking to Gemini Live no longer means starting from a blank slate every time. Google has quietly extended memory access to Gemini's conversational mode, allowing it to recall details from past conversations when answering new questions.

What the update brings

Read more
macOS 27 Golden Gate: Everything we know about the new features landing on your Mac
Apple’s next Mac update is all about Siri AI and a cleaner Liquid Glass design
macOS 27 Golden Gate

Apple has officially unveiled macOS 27 Golden Gate, the next major version of macOS coming to supported Macs later this year. And while last year’s macOS Tahoe update was all about giving the Mac a fresh Liquid Glass redesign, Golden Gate looks more like Apple’s cleanup and Apple Intelligence update.

macOS Golden Gate is jam-packed with new features, including the redesigned Siri AI, a new standalone Siri app, Visual Intelligence on Mac, more capable Apple Intelligence features across core apps, performance improvements, and some much-needed design refinements. It is also a notable update, since Intel Macs are no longer part of the supported device list.

Read more
Google’s AI Overviews are blabbering about fictional monsters as if they’re real
A new report claims Google's AI Overviews described fan-fiction horror creatures from the SCP Foundation as documented fact in at least 20 cases.
Google Search AI Overview misidentifying May 6 2026 as May 20 2025.

Google's AI Overviews feature is reportedly presenting entries from the SCP Foundation, a popular fan fiction universe built around fake horror "anomalies," as though they describe real creatures and events. Futurism found at least 20 cases where the AI-generated summaries skipped any mention that the SCP entries are fiction.

Confusing made-up monsters as the real thing

Read more