In May 2017 Intel publicly confirmed the vulnerability in own firmware for vPro/AMT.
To download and patch such computers from Dell use links inside the PDF file from following link.
But as i mentioned in my linkedin post it’s possible to protect even noname computers (without updated BIOS) with compromised ME firmware — implementing SSL/TLS certificates for mutual authentication. In this post i will show how it can be done.
At first let’s consider that
- you know that your computer supports vPro/AMT, ME version, you know AMT type (ISM or full AMT and so on)
- you already use intel
… Read the rest
Microsoft Windows 7 USB DVD download tool is very capricious, long time is not updated, doesn’t work in many cases (can after spent long time to copy 2-4gb, only in the end of process suddenly cast error that couldn’t create boot records; or doesn’t work on other version of windows and so on). Therefore i prefer to use tiny rufus utility. It’s free and very small – less than megabyte. Doesn’t need to be installed – portable – ready to work immediately after download. Very stable work to create Windows install disks for any edition and version, including windows 10 … Read the rest
To have for each tool CD/DVD/USB flash disk is too inconvenient, so let’s combine on one USB flash disk all of them.
- Download yumi
- format your Flash disk as FAT32 (ntfs will not work with grub loader), so there is iso file limitation of FAT32, not more than 2GB.
- never leave in iso file name spaces. Prepare all necessary iso files (usually i prefer to have multiple versions of hiren tools/ERD/DART10/acronis tools, veeam BER, macrius repair disk, veeam agent, WDS capture disk and so on)
- iso files are not extracted and copied as is to the flash disk !!! not
… Read the rest
Let’s Encrypt free certificates are very useful for Microsoft web servers, MS Dynamics Nav web client access, Exchange and Lync/Skype for business external accesses and so on (better to use it with windows ACME clients for auto prolongation of certificate)
But if you have problems with publishing 80/443 port of your web server (conflict with router admin port, or maybe even server is not in public Internet access and so on, maybe you should configure manually Let’s encrypt SSL for your testing environment)
1. go to https://zerossl.com
Certbot/ACME clients use “HTTP verification”. We will in this post use … Read the rest