The Intel Manageability Firmware Recovery Agent is part of the Intel(R) Active Management Technology driver stack that Intel provides to OEMs. Starting in 2011, it is relevant for any platform that has a Manageability Engine (ME). The confusing part of this is that it no longer strictly pertains to Intel Active Management Technology. There are actually many new Intel technologies that make use of the ME. It can be safe to say that if you purchase any computer with Intel processors from 2011 on, it is likely to have an ME/firmware.
The Intel ME Firmware Recovery Agent is needed for updating firmware when critical security vulnerabilities have been found. While Intel patches the firmware and makes the new releases available to OEMS, not every OEM takes the updates right away, if at all. The agent detects new firmware (for the ME 1.5Mb and ME 5Mb images) and automatically performs the update from Intel servers. This update is done via authentication with secure transfers and requires user opt-in. Unfortunately, many users may have no idea that their system has a Manageability Engine so they have no idea why they are being asked if it is OK to run the update. (Yes, it is OK!)
Regarding the security of the transfer, first, the firmware is signed and validated by the HW before being applied and executed. Since it is not sufficient for the certificate to be valid, the agent checks if the certificate is valid (not expired, etc.) and it checks to ensure the certificate is the one we want. The agent carries a blob taken from the original certifact's subject and it compares this blob with the certificate used to sign the update file. The blob lives in a protected directory in the system and it can't be changed without admin privilidges.
If the agent is disabled (or not provided by the OEM) the only other way to get the new update is if the OEM has provided it on their website and then users can download it and do the firmware update themselves, which sometimes can be tricky.
Hopefully this answers some questions we have seen regarding this agent and what it is for.
Icon Image:
