
The Intel Management Engine has been included on Intel chipsets since 2008. It’s basically a tiny computer-within-a-computer, with full access to your PC’s memory, display, network, and input devices. It runs code written by Intel, and Intel hasn’t shared a lot of information about its inner workings.
This software, also called Intel ME, has popped up in the news because of security holes Intel announced on November 20, 2017. You should patch your system if it’s vulnerable. This software’s deep system access and presence on every modern system with an Intel processor mean it’s a juicy target for attackers.
What Is Intel ME?
So what is the Intel Management Engine, anyway? Intel provides some general information, but they avoid explaining most of the specific tasks the Intel Management Engine performs and precisely how it works.
As Intel puts it, the Management Engine is “a small, low-power computer subsystem”. It “performs various tasks while the system is in sleep, during the boot process, and when your system is running”.
In other words, this is a parallel operating system running on an isolated chip, but with access to your PC’s hardware. It runs when your computer is asleep, while it’s booting up, and while your operating system is running. It has full access to your system hardware, including your system memory, the contents of your display, keyboard input, and even the network.
We now know that the Intel Management Engine runs a MINIX operating system. Beyond that, the precise software that runs inside the Intel Management Engine is unknown.
It’s a little black box, and only Intel knows exactly what’s inside.
What Is Intel Active Management Technology (AMT)?
Aside from various low-level functions, the Intel Management Engine includes Intel Active Management Technology. AMT is a remote management solution for servers, desktops, laptops, and tablets with Intel processors. It’s intended for large organizations, not home users. It’s not enabled by default, so it isn’t really a “backdoor”, as some people have called it.
AMT can be used to remotely power on, configure, control, or wipe computers with Intel processors. Unlike typical management solutions, this works even if the computer isn’t running an operating system. Intel AMT runs as part of the Intel Management Engine, so organizations can remotely manage systems without a working Windows operating system.
In May 2017, Intel announced a remote exploit in AMT that would…
The post Intel Management Engine, Explained: The Tiny Computer Inside Your CPU appeared first on FeedBox.