Hi Sean,
My understanding from your post is that your goal is to not have to update the BIOS on 1500+ systems and that you have run the detection and mitigation tool for Intel SA-00075. While performing the mitigation steps will help, your systems will still be considered vulnerable (even when re-running the tool against mitigated systems) until the firmware update for SA-00075 has been applied.
I could not tell from your post if you use a central management tool in your environment, like SCCM. There are methods for performing queries of your environment to determine systems that are vulnerable and then create a task to update the firmware.
Referencing one post that might be helpful:
https://communities.intel.com/thread/120105
Please let me know if there is anything further I can assist with.
Regards,
Michael A
https://downloadcenter.intel.com/download/26755
↧
Re: AMT vulnerability
↧