The past few years there's been the me_cleaner software for disabling and stripping parts of Intel's Management Engine for soft-disabling the notorious bit on modern Intel boards. ME_Cleaner has been making much progress and now there is work pending for being able to disable the newer Management Engine 12 found on more recent Intel motherboards.
The updated ME_Cleaner patch under review is similar to the disable functionality for older Intel platforms. Minor changes were needed due to the new integrated firmware image format and new position of the configuration bit within the ROM.
This IFWI/ME12 soft-disable support is expected to work on all Intel 300 series chipsets from the Q370 and Z390 through the lower-cut boards. While the High Assurance Platform bit is being handled, the work could be extended further as outlined in the PR. All in this code for dealing with Intel ME 12 is just under 200 lines of changed code.
3 Comments