This is an WARNING alert box.
This is an ERROR alert box.
Skip to main content
This is an INFO alert box.
Intel Active Management Technology
Is there a way to scan for deployed AMT machines and vPro machines ?
Didn't find what you were looking for?
Questions about Lotus Themes products and services
Instructions related to themes installation and usage
Join discussions with other users
installation, branding, customization
This is what I have so far. It's an Inventory report that looks at driver versions. Unfortunately Inventory doesn't seem to pick up older versions of Intel Management Engine Interface. I have an internal bug ticket open for that.
I updated it to include Intel Management Engine Interface entries that have an empty Driver Version.
Thank you. Question, this looks for the existence of the driver, but is there a way to see if the AMT is provisioned or not ?
I put together a package that parses the output of Intel's Platform Discovery tool. All of my systems are currently not provisioned, so I'm trying to provision one of them to verify the effectiveness of this package.
Please help, maybe I'm doing something wrong here.
I've imported your .xml into PDQ deploy, I downloaded and copied the PlatformDiscovery tool and placed it into $Repository directory folowing the \Intel\Platform Discovery\ path location..
This is the error I'm getting:
I'm not sure if you noticed, but Intel provided a special tool to check if your system is ATM vulnerable
Don't you guys considering to create a user-friendly PDQ Invetory collection to allow us to see, if our workstations are vulnerable?
It looks like it saved the path of your repository to results.xml instead of running the tool. Try replacing the . with a &.
I will look into that discovery tool.
I updated that package to use Start-Process. Hopefully it works better now :)
Hmm, Start-Process isn't behaving how I thought it would. I switched to & and added some detail to the logging.
That last version you've posted is working just fine. In the output.log I can see what I'm looking for.
Question now is, is this tool really doing what it should?
My system was ATM vulnerable. I change BIOS/UEFI setting to disable ATM support. Started up Windows system again, ran the Intel-SA-00075-GUI utility again, and status has updated to: Unknow
When I ran your latest script, output log says:
Intel AMT is not supported
So I'm wondering, does these tools really telling you actual status? But that's the question for another company (Intel). In my situation I've discovered that only two model lines are vulnerable.
Also wondering, no other admins are debating this security issue? Not interested ?
In any case, thank you for your effort. New BIOS firmwares should be released soon, this is the way we will go and patch our systems
Please sign in to leave a comment.