Dell has started releasing BIOS updates to computers affected by the disclosed vulnerability in the Intel AMT framework. Intel’s Active Management Technology, Intel Standard Manageability, and Intel Small Business Technology all have the vulnerability and Dell is working to mitigate the problem with BIOS firmware updates.
Dell issued a client statement on the topic (PDF). They provide links to the Intel Security Advisory (Intel-SA-00075), the Intel Mitigation Guide, and Intel’s Detection Guide.
The vulnerability “can allow an unprivileged attacker to gain control of the manageability features provided by these products. This vulnerability does not exist on Intel-based consumer PCs with consumer firmware, Intel servers utilizing Intel® Server Platform Services (Intel® SPS), or Intel® Xeon® Processor E3 and Intel® Xeon® Processor E5 workstations utilizing Intel® SPS firmware.”
In Dell’s client statement, they list the models of OptiPlex, Latitude, Precision, XPS, Wyse, and Venue models impacted along with the version of their BIOS that has patched the vulnerability. Many of these updated BIOS were released on Friday with more models scheduled for their updates to be released throughout this month and into early June. See the full table
Other manufacturers have also released responses to the vulnerability.
HP – http://www8.hp.com/us/en/intelmanageabilityissue.html
Lenovo – https://support.lenovo.com/us/en/product_security/LEN-14963
Fujitsu – http://support.ts.fujitsu.com/content/Intel_Firmware.asp