Researchers have found a critical vulnerability in Intel’s remote management technology that allows attackers to gain remote access to millions of systems running on Intel chips.

The vulnerability affects every laptop, PC, and server that has Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), or Intel Small Business Technology (SBT) features enabled. Intel Macs do not ship with the AMT software, so they are not affected.

These remote management features are enabled on many vPro chips and allow IT admins to manage systems remotely across the organization.

Although the system is protected through username and password, Maksim Malyutin, a researcher at embedded security firm Embedi, discovered that the protection can be bypassed using simple tools. He discovered it while reverse engineering AMT, which also shows how important it is to allow reverse engineering of products.

Intel has implemented and validated a firmware update to address the problem and is working with computer makers to integrate the fix with their software.

Intel expects that computer makers will make updates available beginning the week of May 8 and continuing thereafter.

Intel has issued some tips to people and companies using business PCs and devices that incorporate AMT, ISM, or SBT to ensure the security of their system.