Reg comments5

Dell to patch AMT-vulnerable systems

BIOS fixes for most boxen promised Friday

Dell, which last week was scrambling to work out which of its systems are affected by the Intel AMT vulnerability, is scrambling to catch up with peers HP Inc, Lenovo and Fujitsu.

In a note published on Friday, the company said it would publish firmware fixes for most vulnerable kit.

As readers should already know, Intel introduced the bug in 2010, and it turned out that an attacker need only offer an empty login string to Chipzilla's VPro AMT remote management firmware to access vulnerable systems.

Intel has published a scanner for the bug, designated CVE-2017-5689.

The company emphasises that “only those purchased with Intel AMT, SBT, or ISM capability are vulnerable”. Fixes will appear at Dell's support page, it said.

Systems without a scheduled fix release date include:

Client System Firmware Version
OptiPlex 9010 AIO 8.1.71.3608
OptiPlex 9010 8.1.71.3608
OptiPlex 790 7.1.91.3272
OptiPlex 990 7.1.91.3272
OptiPlex 780 6.2.61.3535
Latitude E6440 ATG 9.1.41.3024
Latitude E5530 8.1.71.3608
Latitude E6320 7.1.91.3272
Latitude E6420 7.1.91.3272
Latitude E6520 7.1.91.3272
Latitude E6420 XFR 7.1.91.3272
Latitude E6220 7.1.91.3272
Latitude XT3 7.1.91.3272
Latitude E4310 6.2.61.3535
Latitude E6510 6.2.61.3535
Latitude E6410 6.2.61.3535
Latitude E6410 ATG 6.2.61.3535
Precision T1650 8.1.71.3608
Precision M4600 7.1.91.3272
Precision M6600 7.1.91.3272
Precision T1600 7.1.91.3272
Precision T7600 7.1.91.3272 (WS)
Precision T5600 7.1.91.3272 (WS)
Precision T5600XL 7.1.91.3272 (WS)
Precision T3600 7.1.91.3272 (WS)
Precision T3600XL 7.1.91.3272 (WS)
Precision M4500 6.2.61.3535

®


Biting the hand that feeds IT © 1998–2017