Certified hardware: Risk evaluation >10th Gen. vs 3rd Gen

Hello,

I have done some research and still need some decision support on choosing between newer hardware (Intel 10th or 12th Gen) and the older one (Intel 3rd Gen).

From my understanding, on the newer ones Intel ME is only deactivated (for example, the NovaCustom NV41 Series). On the older ones Intel ME is neutered and deactivated (for example, the Insurgo PrivacyBeast X230).

Some might vote for the newer ones because of microcode that receives updates or is in a more up-to-date state. And this might of course be security critical.

So we end up here:

But this user did some research, so the vulnerability argument seems not to remain strong:

So my first question is whether this information is still current. Maybe @Insurgo? I hope that tagging you is acceptable.

If yes, to use the newer ones seems only favorable in terms of performance.

Can someone tell me how to get a better understanding of the specific risks in comparison of Intel ME deactivated vs. deactivated and neutered?

What are potential risk scenarios when the Intel ME is only deactivated, and are they practically realistic?

I just want to bump this up; maybe someone has some insights to share here.

I hope it is fine that I tag you again, as you may have missed this post, @Insurgo, and because you were a main contributor to that topic.