This page by SSH collects information, fixes, and analyses of the Intel AMT Firmare remote code execution vulnerability of May 1, 2017 (CVE-2017-5689).
Your servers are in danger now through Intel AMT technology!
AMT enables remote management of the servers, including remote operating system installation. It is included in all modern Intel Xeon processors and associated chipsets. Essentially, AMT allows remote access to the system’s memory and disk over the network while the operating system is running.
The exploit is trival, max five lines of Python, could be doable in one-line shell command. IT GIVES FULL CONTROL OF AFFECTED MACHINES, INCLUDING ABILITY TO READ AND MODIFY EVERYTHING.
DISABLE AMT TODAY! ASK QUESTIONS LATER.
For data centers, if you can, FIREWALL THEM OFF. Block ports 16992, 16993, 16994, 16995, 623, 664 NOW.