Hi, I understand that you are wanting to block drivers and get a list for the device ID's for IME. Can you please provide more detail? The reason for more detail is that there is interaction with Microsoft OS and our drivers where they could be enabled. Clarification to your question will help us to better understand what you are needing.
Thanks for your reply.
I'd like to block installation of the driver in order to prevent access to Intel Management Engine through Windows.
My idea is that without the driver the unprivileged access issue in INTEL-SA-00075 would be mitigated.
Since an unprivileged user can't enable the driver it can't configure the vulnerable Management Engine chip.
As you know, I've sent this up to my developers and the guidance and their recommendation is to mitigate the vulnerability you must update to the version of firmware that fixes the issue. I apologize that I was not able to get what you were specifically asking for.