Intel Management Engine: Difference between revisions

The '''[[Intel]] Management Engine (ME)''' is an embedded microcontroller integrated into Intel's chipsets since 2008. From version 11 onwards, it runs a (closed-source) modified version of [https://www.minix3.org/ MINIX] as its operating system.<ref name=":4">{{Cite web |date=2023-09-26 |title=What is Intel® Management Engine? |url=https://www.intel.com/content/www/us/en/support/articles/000008927/software/chipset-software.html |url-status=live |access-date=2026-02-04 |publisher=Intel}}</ref><ref name=":5">{{Cite web |last=Ermolov |first=Mark |last2=Goryachy |first2=Maxim |date=28 Aug 2017 |title=Disabling Intel ME 11 via undocumented mode |url=https://web.archive.org/web/20201201175708/http://blog.ptsecurity.com/2017/08/disabling-intel-me.html?m=1 |url-status=dead |access-date=2026-02-04 |website=Positive Technologies}}</ref><ref>{{Cite web |last=Tanenbaum |first=Andrew S. |title=An Open Letter to Intel |url=https://www.cs.vu.nl/~ast/intel/ |url-status=live |access-date=2026-02-04 |website=www.cs.vu.nl}}</ref>.

|A "Ring -3 Rootkit" for the Q35 chipset was demonstrated by Invisible Things Lab, allowing an attacker to execute code, even when Intel AMT was disabled in the BIOS.<ref>{{Cite web |last=Tereshkin |first=Alexander |last2=Wojtczuk |first2=Rafal |date=29 Jul 2009 |title=Introducing Ring -3 Rootkits |url=https://blackhat.com/presentations/bh-usa-09/TERESHKIN/BHUSA09-Tereshkin-Ring3Rootkit-SLIDES.pdf |url-status=live |archive-url=https://web.archive.org/web/20251205092502/http://www.blackhat.com/presentations/bh-usa-09/TERESHKIN/BHUSA09-Tereshkin-Ring3Rootkit-SLIDES.pdf |archive-date=2025-12-05 |access-date=2026-02-04 |publisher=Blackhat}}</ref> The bug was subsequently patched by Intel.<ref>{{Cite web |date=2008-08-26 |title=Intel patches the Q35 bug |url=https://theinvisiblethings.blogspot.com/2008/08/intel-patches-q35-bug.html |url-status=live |access-date=2026-02-03 |website=The Invisible Things Lab's blog}}</ref>