I just ran a query on the keywords. We use kace1000 that has inventory of everything installed on a workstation so I was hoping it would give me some insight.
1 Like
stay tuned -- there will be better scanning tools pretty soon.
1 Like
Dell was pretty good to get a scan tool out there for that vulnerability a couple of years ago... what was it? The spyware stuff? Anyway, hopefully you're right. A true tool would be best.
Would be an interesting video to make
Shit.
I should be able to do the uninstall with PDQ deploy. I'll post the how-to if I can get it to work.
Yeah it's so bad we don't even have all the tools yet. There is a firmware component too so who knows if this will really fix it too
That's disgusting. I can confirm before deleting the lms.exe you need to taskkill C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe -- at least on my machine. I'll confirm whether or not I can complete it with PDQ deploy in a minute... it happens to be in the middle of patching a few hundred machines java atm so it's queued up.
For anyone interested here is the working XML export the get rid of this. I make no promises this won't make something break however. You can download PDQ deploy for free athttps://www.pdq.com/pdq-deploy/ then import this XLM and deploy it to all affected workstations.
@wendell I don't know how to put that into a code box.
Edit edit:
Deleted the XML since it was incomplete when posted. I can confirm this is being scanned and probably attempted to be exploited. I had several logs this morning off the firewall where traffic was stopped on these ports.