• Stars
    star
    141
  • Rank 259,971 (Top 6 %)
  • Language Batchfile
  • License
    MIT License
  • Created over 7 years ago
  • Updated over 7 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Tool to disable Intel AMT on Windows

Disable Intel AMT

Tool to disable Intel AMT on Windows. Runs on both x86 and x64 Windows operating systems. Download:

DisableAMT.exe

DisableAMT.zip

What?

On 02 May 2017, Embedi discovered "an escalation of privilege vulnerability in Intel® Active Management Technology (AMT), Intel® Standard Manageability (ISM), and Intel® Small Business Technology versions firmware versions 6.x, 7.x, 8.x 9.x, 10.x, 11.0, 11.5, and 11.6 that can allow an unprivileged attacker to gain control of the manageability features provided by these products".

Emedi has also released a technical paper about their discovery: Silent Bob is Silent (PDF)

Read also: Intel Active Management Technology, Intel Small Business Technology, and Intel Standard Manageability Escalation of Privilege

Assigned CVE: CVE-2017-5689

Wait, what?

Your machine may be vulnerable to hackers.

How do I know if I'm affected?

If you see any of these stickers or badges on your laptop, notebook or desktop, you are likely affected by this:

Intel badges

Additionally, Intel AMT does run on non-vPro based processors in some cases with reduced functionality, called Standard Manageability. The tool presented here does not differentiate between processor types. This means it can also disable AMT on your machine, regardless of processor.

You may want to read: How To Find Intel® vPro™ Technology Based PCs

Usage

Simple. Download and run DisableAMT.exe, and it will do the work for you. This is based on the instructions provided by the INTEL-SA-00075 Mitigation Guide

When executing the tool, it will run quickly and when done, will present you with the following screen: Intel AMT disabler

Type Y or N if you would also like to automatically disable (by renaming) the actual LMS.exe (Intel Local Management Service) binary. When finished, a logfile will open up. Reboot your machine at this point.

There is also a short video guide avilable by MajorGeeks here. That's all! Simple!

Details about the tool

The tool is written in batch, and has the necessary components inside to unconfigure AMT. The batch file was compiled to an executable using the free version of Quick Batch File Compiler, and subsequently packed with UPX to reduce filesize. Additionally, ACUConfig.exe and ACU.dll from Intel's Setup and Configuration Software package is included. You may find all these files in the sources folder.

Please find hashes below:

Filename MD5 SHA1 SHA256
DisableAMT.exe fd1e986ba3376c161cdfaf5f5b1ae5fd e81f58bf35f64067aa359bcbf1bbbe5305d6b13b 837303761c87f3e8f3bfb3f5cb2eef16679a688df5781dc446300717f42a481f
DisableAMT.zip 7876752e29178a85beae1e5a0b636faa 89a2a64066c127c4f8fbdbf7ad946b59beaf4009 796e63854aaf3630cdfff642dc7f18fa4a32097737da45b0a5b83fb0a15fd72a
ACUConfig.exe 4117b39f1e6b599f758d59f34dc7642c 7595bc7a97e7ddab65f210775e465aa6a87df4fd 475e242953ab8e667aa607a4a7966433f111f8adbb3f88d8b21052b4c38088f7
ACU.dll a98f9acb2059eff917b13aa7c1158150 d869310f28fce485da0c099f7df349c82a005f30 c569d9ce5024bb5b430bab696f2d276cfdc068018a84703b48e6d74a13dadfd7

Does the tool make any hardware or firmware changes, or to the BIOS?

No.

Is there an easier way to do this?

Probably. Best way to mitigate, is to update your firmware. See for a list of vendors affected here, or see below.

List of vendors with firmware updates available:

HP Inc. - http://www8.hp.com/us/en/intelmanageabilityissue.html

HP Enterprise - http://h22208.www2.hpe.com/eginfolib/securityalerts/CVE-2017-5689-Intel/CVE-2017-5689.html

Lenovo - https://support.lenovo.com/us/en/product_security/LEN-14963

Fujitsu - http://support.ts.fujitsu.com/content/Intel_Firmware.asp

Dell Client - http://en.community.dell.com/techcenter/extras/m/white_papers/20443914

Dell EMC - http://en.community.dell.com/techcenter/extras/m/white_papers/20443937

Acer - https://us.answers.acer.com/app/answers/detail/a_id/47162

Asus - https://www.asus.com/News/uztEkib4zFMHCn5r

Panasonic - http://pc-dl.panasonic.co.jp/itn/info/osinfo20170512.html

Intel – NUC, Compute Stick and Desktop Boards.

Extra information:

wikiHow on how to update your computer's BIOS