Dell to patch AMT-vulnerable systems

BIOS fixes for most boxen promised Friday

Dell, which last week was scrambling to work out which of its systems are affected by the Intel AMT vulnerability, is scrambling to catch up with peers HP Inc, Lenovo and Fujitsu.

In a note published on Friday, the company said it would publish firmware fixes for most vulnerable kit.

As readers should already know, Intel introduced the bug in 2010, and it turned out that an attacker need only offer an empty login string to Chipzilla's VPro AMT remote management firmware to access vulnerable systems.

Intel has published a scanner for the bug, designated CVE-2017-5689.

The company emphasises that “only those purchased with Intel AMT, SBT, or ISM capability are vulnerable”. Fixes will appear at Dell's support page, it said.

Systems without a scheduled fix release date include:

Client System Firmware Version
OptiPlex 9010 AIO
OptiPlex 9010
OptiPlex 790
OptiPlex 990
OptiPlex 780
Latitude E6440 ATG
Latitude E5530
Latitude E6320
Latitude E6420
Latitude E6520
Latitude E6420 XFR
Latitude E6220
Latitude XT3
Latitude E4310
Latitude E6510
Latitude E6410
Latitude E6410 ATG
Precision T1650
Precision M4600
Precision M6600
Precision T1600
Precision T7600 (WS)
Precision T5600 (WS)
Precision T5600XL (WS)
Precision T3600 (WS)
Precision T3600XL (WS)
Precision M4500


Sponsored: Minds Mastering Machines - Call for papers now open

Biting the hand that feeds IT © 1998–2018