Disable Intel AMT
Author:
BartBlaze
Date: 05/08/2017 Size: 7.21 MB License: Freeware Requires: Win 10 / 8 / 7 / Vista / XP Downloads: 10414 times TIP: Click Here to Repair or Restore Missing Windows Files |
Disable Intel AMT is a portable batch file to turn off a known Intel Active Management Technology (AMT) vulnerability with many Intel chipsets in Windows. Video guide available.
On 02 May 2017, "Embedi" discovered "an escalation of privilege vulnerability in Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), and Intel Small Business Technology versions firmware versions 6.x, 7.x, 8.x 9.x, 10.x, 11.0, 11.5, and 11.6 that can allow an unprivileged attacker to gain control of the manageability features provided by these products".
Well, that was wordy! In other words, the short version is that your machine may be vulnerable to hackers due to a vulnerability with your Intel processor.
While we expect Intel to address this issue, for now, this will patch the vulnerability.
If your PC has any one of the stickers below, you are vulnerable. If you don't have a sticker, Intel has a guide here: How To Find Intel vPro Technology Based PCs. You will also get errors in the log file, as seen in the screenshots below if you don't have a vPro chipset, so there's really no harm in running it if you don't know.
DisableAMT.exe is based on the findings from Intel's "INTEL-SA-00075 Mitigation Guide" which has since been removed. Simply double-click DisableAMT.exe and when you asked "Do you also want to disable the LMS.exe binary?" choose Y followed by enter and reboot. A log file will also be created at this point.
Disable Intel AMT does not make any changes to your hardware or firmware, or BIOS. There might be an easier way, but until this is patched, it gets the job done.
On 02 May 2017, "Embedi" discovered "an escalation of privilege vulnerability in Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), and Intel Small Business Technology versions firmware versions 6.x, 7.x, 8.x 9.x, 10.x, 11.0, 11.5, and 11.6 that can allow an unprivileged attacker to gain control of the manageability features provided by these products".
Well, that was wordy! In other words, the short version is that your machine may be vulnerable to hackers due to a vulnerability with your Intel processor.
While we expect Intel to address this issue, for now, this will patch the vulnerability.
If your PC has any one of the stickers below, you are vulnerable. If you don't have a sticker, Intel has a guide here: How To Find Intel vPro Technology Based PCs. You will also get errors in the log file, as seen in the screenshots below if you don't have a vPro chipset, so there's really no harm in running it if you don't know.
DisableAMT.exe is based on the findings from Intel's "INTEL-SA-00075 Mitigation Guide" which has since been removed. Simply double-click DisableAMT.exe and when you asked "Do you also want to disable the LMS.exe binary?" choose Y followed by enter and reboot. A log file will also be created at this point.
Disable Intel AMT does not make any changes to your hardware or firmware, or BIOS. There might be an easier way, but until this is patched, it gets the job done.
Screenshot for Disable Intel AMT