Jump to content

Invite Scene - #1 to Buy, Sell, Trade or Find Free Torrent Invites

#1 TorrentInvites Community. Buy, Sell, Trade or Find Free Torrent Invites for Every Private Torrent Trackers. HDB, BTN, AOM, DB9, PTP, RED, MTV, EXIGO, FL, IPT, TVBZ, AB, BIB, TIK, EMP, FSC, GGN, KG, MTTP, TL, TTG, 32P, AHD, CHD, CG, OPS, TT, WIHD, BHD, U2 etc.

LOOKING FOR HIGH QUALITY SEEDBOX? EVOSEEDBOX.COM PROVIDES YOU BLAZING FAST & HIGH END SEEDBOXES | STARTING AT $5.00/MONTH!

How to find out if your Intel system has vulnerable Intel Manageability Engine


Len

Recommended Posts

Intel published a security advisory yesterday detailing security vulnerabilities in the firmware of the company's Management Engine, Server Platform Services, and Trusted Execution Engine.

A wide range of Intel processor families and products are affected by these issues, including 6th, 7th and 8th generation Intel Core processors, Intel Xeon processors, Intel Atom processors, Apollo Lake processors and Intel Celeron processors.

Basically, systems using Management Engine firmware versions 11.0, 11.5, 11.7, 11.10, and 11.20, Server Platform Engine firmware version 4.0, and Trusted Execution Engine version 3.0 are impacted by the vulnerabilities.

Attackers may exploit security vulnerabilities to gain unauthorized access to affected systems. Potential scenarios include running code outside the visibility of the operating system or user context, causing system instabilities or crashes, or impacting local security feature attestation validity.

Find out if a system is vulnerable

intel-security-detection-tool.png

Intel released a detection tool which you may download from this web page. It is available for Windows 7 and newer versions of Windows, and for Linux.

The program runs a quick scan and returns its findings afterwards. It highlights whether the system is vulnerable, and displays the Intel product and its firmware version as well.

What to do if the system is vulnerable

There is nothing that users can do to the system directly to fix the vulnerability. Intel notes that it is up to OEMs and manufacturers to release updates for their products to fix the security issues.

What that means is the following: If you have bought a PC from a manufacturer like Dell, Lenovo, HP or any other PC manufacturer, you need to wait for them to release updates that address the issue.

Intel lists links to support information on this support article. The company will update links to manufacturers when updates are released by them. Currently, links are available for Dell and Lenovo customers.

Users who built a PC by themselves, changed the motherboard, or bought a pre-assembled PC using custom parts, need to consult the motherboard manufacturer instead.

Closing Words

Judging from past vulnerabilities and patching activity, it seems very likely that manufacturers won't release updates for some systems and motherboards. Since Intel prevents direct access to affected features, these systems will remain vulnerable throughout their lifetime.

This is not the first issue that affected Intel's Management Engine. The EFF published a detailed account on that back in May 2017 for instance, urging Intel to provide the means to give administrators and users options to disable or limit the Management Engine.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Check out what our members are saying

  • Our picks

×
×
  • Create New...