This document is the Dell response to the Intel Security Center advisory INTEL-SA-00075 that can affect Dell business PCs that support system manageability via Intel Active Management Technology (AMT), Intel Small Business Technology (SBT), or Intel Standard Manageability (ISM). This document includes mitigation recommendations as well as firmware update details for impacted Dell business PCs and will be updated as new information becomes available.
Updated: May 25, 2017
Hi, I ran the Intel detection tool in my system Latitude E5450 and found a vulnerability. I didn't see it the 5450 as affected in the list.
E5450 is on the list, page 4 in the current rev of the document. Thanks.
The Latitude 7440/E7440 is not mentioned in the advisory. Is that by error?
Thanks all for the review and feedback. The E7440 was mistakenly entered as E4240 (typo) and will be corrected in the next revision.
Ran a detection on a Dell OptiPlex 7020, which came back as vulnerable
The OptiPlex 7010 is in the list but the intel discovery tool shows all our 7010 as Consumer and System_Risk>Not Vulnerable
Sorry, some code has been removed from my previous post.
The OptiPlex 7010 is in the list but the intel discovery tool shows all our 7010 as
System_Risk: Not Vulnerable
System_Exposure: Not Exposed
However the OptiPlex 7020 is not in the list but is shown as vulnerable in the intel discovery tool.
There are systems on the document with the date missing from BIOS UPDATE such as Optiplex 9010 and 990. Does this mean there will not be an update for these systems or that the BIOS update release date has not yet been determined?
My post hasn't showed up. We have a bunch of optiplex 790 and the document still says 'DATE PENDING', while others are having a solution or fix just released or in future date.
When we can get this fixed for our model?
My Latitude 6510 is on the list with a "pending date". Does that indicate that there will be an update coming? My system was found to have vulnerability. Will I be notified when an update is available or do I have to recheck later?
Hi, I have a question from a customer who says:
"Do you know if this vulnerability is exploitable remotely? Or do you have to have "physical" access to the system?
We do not install the software part, only the drivers, but the hardware part (Intel AMT chip) remains vulnerable"