New Intel CPU Hack, turns your switched off Computer into a Zombie

The Management Engine is an independent subsystem that lives in a separate microprocessor on Intel chipsets; it exists to allow administrators to control devices remotely for all types of functions, from applying updates to troubleshooting. And since it has extensive access to and control over the main system processors, flaws in the ME give attackers a powerful jumping-off point.

Intel specifically undertook what spokesperson Agnes Kwan called a “proactive, extensive, rigorous evaluation of the product,” in light of findings that Russian firmware researchers Maxim Goryachy and Mark Ermolov from the vulnerability assessment firm Positive Technologies will present at Black Hat Europe next month. Their work shows an exploit that can run unsigned, unverified code on newer Intel chipsets, gaining more and more control using the ME as an unchecked launch point. The researchers also play with a sinister property of the ME: It can run even when a computer is “off” (just so long as the device is plugged in), because it is on a separate microprocessor, and essentially acts as a totally separate computer.

from https://www.wired.com/story/intel-management-engine-vulnerabilities-pcs-servers-iot/

----------NOT AFFECTED -----------------------------
1Desktop processors

• 1.1Nehalem microarchitecture (1st generation)
  • 1.1.1"Bloomfield" (45 nm)
  • 1.1.2"Lynnfield" (45 nm)
• 1.2Westmere microarchitecture (1st generation)
  • 1.2.1"Gulftown" (32 nm)
• 1.3Sandy Bridge microarchitecture (2nd generation)
  • 1.3.1"Sandy Bridge" (32 nm)
  • 1.3.2"Sandy Bridge-E" (32 nm)
• 1.4Ivy Bridge microarchitecture (3rd generation)
  • 1.4.1"Ivy Bridge" (22 nm)
  • 1.4.2"Ivy Bridge-E" (22 nm)
• 1.5Haswell microarchitecture (4th generation) Released in Year  2013-14
  • 1.5.1"Haswell-DT" (quad-core, 22 nm)
  • 1.5.2"Haswell-H" (MCP, quad-core, 22 nm)
  • 1.5.3"Haswell-E" (22 nm)
• 1.6Broadwell microarchitecture (5th generation) Released in Year  2015
  • 1.6.1"Broadwell-H" (quad-core, 14 nm)
  • 1.6.2"Broadwell-E" (14 nm)
    
    ----------------  AFFECTED ----------------------------------------------------------------
    
• 1.7Skylake microarchitecture (6th generation) Release in Year 2015
  • 1.7.1"Skylake-S" (quad-core, 14 nm)
  • 1.7.2"Skylake-H" (quad-core, 14 nm)
  • 1.7.3"Skylake-X" (14 nm)
• 1.8Kaby Lake microarchitecture (7th generation)
  • 1.8.1"Kaby Lake-S" (14 nm)
  • 1.8.2"Kaby Lake-X" (14 nm)
• 1.9Coffee Lake microarchitecture (8th generation)
  • 1.9.1"Coffee Lake-S" (14 nm) ^[11]

from https://en.wikipedia.org/wiki/List_of_Intel_Core_i7_microprocessors

Fix it
https://www.intel.com/content/www/us/en/support/articles/000025619/software.html