In the beginning of May, Intel announced that a vulnerability had been detected in their Intel® Active Management Technology (AMT), available in many of their processors and chipsets including some processors and chipsets used in the Surface device lineup. You can read more about this vulnerability from the Intel Security Center advisory Intel-SA-00075 or from the NIST National Vulnerability Database entry CVE-2017-5689 .
Devices in the Surface lineup are not vulnerable to this exploit and no action is required on the part administrators or users.
You can verify the potential vulnerability of your device for yourself using the INTEL-SA-00075 Discovery Tool, available here from the Intel Download Center.
Source: Intel AMT Vulnerability and Surface Devices Surface