Register Now!

To Get More Info and Daily Reward.

Please login or register.
Pages: [1]   Go Down

Author Topic: Intel® Management Engine Critical Firmware Update (Intel SA-00086)  (Read 490 times)

0 Members and 1 Guest are viewing this topic.

dinsdale56Topic starter

  • PRIVATE E-2
  • **
  • Offline Offline
  • Posts: 5

https://www.intel.com/content/www/us/en/support/articles/000025619/software.html
https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00086&languageid=en-fr


Quote
In response to issues identified by external researchers, Intel has performed an in-depth comprehensive security review of its Intel® Management Engine (ME), Intel® Trusted Execution Engine (TXE), and Intel® Server Platform Services (SPS) with the objective of enhancing firmware resilience.
As a result, Intel has identified several security vulnerabilities that could potentially place impacted platforms at risk. Systems using ME Firmware versions 11.0/11.5/11.6/11.7/11.10/11.20, SPS Firmware version 4.0, and TXE version 3.0 are impacted.


Intel ME vulnerability tool identifies my system as "vulnerable" and recommends contact system manufacturer. Please advise if/when MSI will issue patch. Thank you.

Risk Assessment
Based on the analysis performed by this tool: This system is vulnerable.

Explanation:
The detected version of the Intel(R) Management Engine firmware is considered vulnerable for INTEL-SA-00086. Contact your system manufacturer for support and remediation of this system.
For more information refer to the SA-00086 Detection Tool Guide or the Intel security advisory Intel-SA-00086 at the following link: https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00086&languageid=en-fr
INTEL-SA-00086 Detection Tool
Application Version: 1.0.0.128
Scan date: 11/22/2017 3:00:08 PM

Host Computer Information
Name: XXXXXXXXX
Manufacturer: Micro-Star International Co., Ltd.
Model: PE60 6QE
Processor Name: Intel(R) Core(TM) i7-6700HQ CPU @ 2.60GHz
OS Version: Microsoft Windows 10 Pro
Intel(R) ME Information
Engine: Intel(R) Management Engine
Version: 11.0.0.1180 
SVN: 1
Logged
System Specs:
Computer:      MSI PE60 6QE CPU: Intel Core i7-6700HQ 
MB:   MSI MS-16J5 Graphics:  Intel HD Grahpics 530  NVIDIA GeForce GTX 960M
Drive: Samsung SSD 850 EVO M.2 250GB, 244.2 GB, Serial ATA 6Gb/s @ 6Gb/s
Drive: HGST HTS721010A9E630, 976.8 GB, Serial ATA 6Gb/s @ 6Gb/s
OS:   MS Windows 10 PRO x64

chris

  • PRIVATE E-2
  • **
  • Offline Offline
  • Posts: 2
« Reply #1 on: 23-November-17, 05:55:21 »

+1

I'm seeing the same issue on CX62 6QD.
Logged

rarev

  • PRIVATE E-2
  • **
  • Offline Offline
  • Posts: 1
« Reply #2 on: 24-November-17, 12:57:33 »

Me too on GP72 7RE Leopard Pro, have sent email and message to support, no reply yet. This could be quite a serious vulnerability and as I understand it is related to JTag know little more than that. Lenovo have apparently already issued a fix, time for MSI to move on this
Logged

dinsdale56Topic starter

  • PRIVATE E-2
  • **
  • Offline Offline
  • Posts: 5
« Reply #3 on: 25-November-17, 20:26:26 »

I contact MSI support and received this reply today:

Logged
System Specs:
Computer:      MSI PE60 6QE CPU: Intel Core i7-6700HQ 
MB:   MSI MS-16J5 Graphics:  Intel HD Grahpics 530  NVIDIA GeForce GTX 960M
Drive: Samsung SSD 850 EVO M.2 250GB, 244.2 GB, Serial ATA 6Gb/s @ 6Gb/s
Drive: HGST HTS721010A9E630, 976.8 GB, Serial ATA 6Gb/s @ 6Gb/s
OS:   MS Windows 10 PRO x64
Pages: [1]   Go Up