[SingCERT] Alert on Intel Active Management Technology (AMT) Issue

Published on Saturday, 13 January 2018 11:52

[Updated on 24th Jan 2018 with latest advice from Intel]


On 12 January 2018, security firm F-Secure reported an insecure default behaviour within Intel Active Management Technology (AMT) that could allow an attacker to bypass login processes and take control of a user's computer.

AMT is a feature that comes with Intel-based chipsets to enhance the manageability of computers; it allows IT Administrators to remotely manage and repair a large pool of machines in their organisation.


This issue mainly affects corporate users with the Intel AMT feature enabled with default "admin" password.


The issue allows anyone with physical access to the affected computer to bypass the need to enter login credentials and enable remote administration for later exploitation.


Users are advised to watch out for the coming update from Intel.

  • Exploiting the issue requires physical access. Users can protect their computers by not leaving them unattended in public areas.
  • Users can mitigate the risk by changing its default password "admin" to something secure.
  • Users who do not need this Intel AMT feature can choose to disable it.


[24th Jan 2018] https://newsroom.intel.com/news/root-cause-of-reboot-issue-identified-updated-guidance-for-customers-and-partners/