I’m sure by now many of you that try and keep up with hardware and software news have heard about the Intel Management Engine vulnerability that can allow actions such as remote access by unwanted parties, code execution and memory modifications outside of the OS, and more. This vulnerability is present in many Intel chips dating back nearly 9-years. Basically, any Intel chip that has the Management Engine chip and firmware.
Bryan Lunduke recently uploaded a talk with some folks from System76 – a major manufacturer of Linux-based laptops, desktops, and servers – regarding the topic and their plans to disable the IME starting with all their laptop SKUs.
You can read the official Intel release regarding the vulnerability here. There’s also a great article on the topic by the EFF that I highly recommend reading.
Dell now appears to be offering to disable IME for $20 on certain models. Read more here.