What can I do about the intel management and security status?
I recently read about the Intel ME (Management Engine), which is a special area in new Intel processors that has complete control over the computer. Nobody knows exactly what it contains, and there are many security concerns about it. I learned about it here: What can I do about this? Are there any ways to stop this, or is it hopeless?
For intel management and security status you can completely and permanently (unless you reinstall it) disable Intel Active Management Technology, Intel Small Business Technology, and Intel Standard Manageability on Windows. These are components of the Intel Management Engine firmware. While Intel ME still runs, the Windows drivers are disabled and Intel ME can no longer access Windows.
1) Download the Intel Setup and Configuration Software (Intel SCS) and extract.
2) Open up an administrator command prompt and navigate to where you extracted the files in step 1run cd Configurator
3) In the command prompt, run ACUConfig.exe UnConfigure. If you get an error, try one of the options below: Unconfiguring a system in ACM without RCS integration: ACUConfig.exe UnConfigure /AdminPassword /Full
4) Still in the command prompt, disable and/or remove LMS (Intel Management and Security Application Local Management Service): sc config LMS start=disabled sc delete LMS also run sc qc LMS, which will either show you the path to LMS.exe or FAIL. If it shows you the path, use Explorer to delete it. If it FAILED, do not be concerned.
5) Reboot
6) Check if there is still a socket listening on the Intel ME Internet Assigned Names Authority (IANA) ports on the client: 16992, 16993, 16994, 16995, 623, and 664 (you can also do this before you start to verify it is listening. The Intel ME listens even if the Intel AMT GUI shows Intel ME is "Unconfigured") in a command prompt (does not need to be elevated), run netstat -an findstr `` "
7) The Intel AMT GUI should now show "information unavailable on both remaining tabs" (you might have had 3 or more tabs before going thru the steps above) Voilá, you have gotten rid of Intel AMT. And you've done the right thing, especially after the 2017-05-01 privilege escalation issue.
Answer (1)
The Intel Management and Security Status (IMSS) tool monitors the status of Intel's management and security features. If you're encountering issues or want to manage these features effectively, here are some steps you can take:
1. Understand IMSS
IMSS is part of Intel's Active Management Technology (AMT) and Intel Management Engine (ME). It provides information on the status and health of various Intel technologies related to system management and security.
2. Check for Updates
Ensure you have the latest drivers and software for Intel Management Engine. Updates can fix bugs, improve stability, and enhance security.
Visit the Intel Download Center.
Use your system manufacturer's website for specific drivers tailored to your hardware.
3. Review IMSS Messages
Pay attention to the messages and alerts provided by IMSS. They can give you specific information about potential issues or status updates that may require action.
4. Adjust BIOS/UEFI Settings
Some management and security features are controlled through the BIOS/UEFI settings.
Restart your computer and enter the BIOS/UEFI setup (commonly accessed by pressing a key like F2, F10, or Del during boot).
Check for settings related to Intel Management Engine and AMT. Ensure they are configured correctly for your needs.
5. Use Intel AMT
If you are in a managed IT environment, Intel AMT can be used for remote management of systems. Ensure it is properly configured and understand its capabilities, including:
Remote diagnostics and repair.
Power management.
Hardware and software inventory.
6. Disable Intel ME (if necessary)
In some cases, you may choose to disable Intel Management Engine for security or other reasons. This can typically be done in the BIOS/UEFI settings, but be cautious as it may impact system functionality.
Consult your system documentation or manufacturer’s support before making changes.
7. Consult Support
If you encounter persistent issues or need detailed assistance, contact Intel Support or your system manufacturer’s support. They can provide specific guidance and troubleshooting steps tailored to your hardware and software configuration.
Summary
Managing the Intel Management and Security Status involves keeping your drivers updated, reviewing IMSS messages, adjusting BIOS/UEFI settings, and potentially using Intel AMT for advanced management tasks. For persistent issues, consult support for professional assistance. By following these steps, you can ensure that Intel’s management and security features are functioning correctly and effectively.