Intel Acknowledges ME Flaws, Announces Fixes

[JSixpack]

For the virus-conscious:

 

To determine if the recently found vulnerabilities impact your system, Intel has created a detection tool that can be downloaded from its site. The tool is available only for Windows and Linux users.

The patch meant to fix these vulnerabilities will not be provided by Intel. You will have to check with your notebook’s OEM or your PC’s motherboard maker to see if they have released a firmware update that fixes the recent flaws.

     --http://www.tomshardware.co.uk/intel-me-security-vulnerabilities-patches,news-57372.html

 

Tool says I'm not in danger. Whew.

[wpcoe]

Yes, follow the links on that TH article and download the appropriate file from Intel.  My Microsoft Surface (i7-7660U processor) is vulnerable.  Now to wait for Microsoft to offer an update to fix it...

[wpcoe]

This Intel link has a list of manufacturers who have, or are working on, a fix for the Intel ME security vulnerability.

[RichCor]

Reading these articles, it really looks like many Intel users are really pwned unless they correct this with a BIOS patches (that may never be written for some users).

 

Having a CPU firmware flaw that can allow a rouge process to run in the background and monitor, read or change data without being seen or detected by an installed Virus Scanners or even the OS itself is scary stuff.

 

 

Intel finds critical holes in secret Management Engine hidden in tons of desktop, server chipsets
Bugs can be exploited to extract info, potentially insert rootkits
By Thomas Claburn in San Francisco 20 Nov 2017

 

The firmware-level bugs allow logged-in administrators, and malicious or hijacked high-privilege processes, to run code beneath the operating system to spy on or meddle with the computer completely out of sight of other users and admins. The holes can also be exploited by network administrators, or people masquerading as admins, to remotely infect machines with spyware and invisible rootkits, potentially.

 

 

To fix Intel's firmware fiasco, wait for Christmas Eve or 2018
And cross your fingers: 'TBD' is the scheduled date for hundreds of PC fixes
By Simon Sharwood, APAC Editor 23 Nov 2017

[RichCor]

My ACER Laptop with an Intel CORE i3 (series 6 chip) isn't vulnerable.

WooHoo for old, cheap hardware??  

 

Though I did just update the BIOS a DELL Server we took delivery of just this month. Go Dell.

Now I won't have to worry about having to solder shut all the USB ports (remote execution, WTH??)

[wpcoe]

3 hours ago, RichCor said:

Reading these articles, it really looks like many Intel users are really pwned unless they correct this with a BIOS patches (that may never be written for some users).

 

This, 100%.  I'm cautiously optimistic that my computer, as a recent Microsoft Surface flagship model, will see the BIOS patch.  And, hopefully sooner than later.

[topt]

17 hours ago, RichCor said:

My ACER Laptop with an Intel CORE i3 (series 6 chip) isn't vulnerable.

WooHoo for old, cheap hardware??  

I was presuming my much older Sony (bought in 2009) with Core 2 Duo processors was also safe but using the tool I get -

Quote

Based on the analysis performed by this tool: Detection Error: This system may be vulnerable, please install the Intel(R) MEI/TXEI driver (available from your system manufacturer).

I am guessing that the "Detection Error" means it comes up with the rest automatically in a sort of CYA......

I also note Sony are not yet on the link @wpcoe put up.

[RichCor]

4 minutes ago, topt said:

am guessing that the "Detection Error" means it comes up with the rest automatically in a sort of CYA......

Run the 'console' tool in an open command prompt window (CMD) that was started "run as administrator".

The error was there the first time I ran it, digging deeper found it didn't have enough 'permissions'. 

 

This issue seems to affect Server-class machines more than Retail models.

 

Read there was an earlier issue with this very same system back in MAY that needed to be patched because it was allowing blank passwords?  I don't think the CIA has to worry about ever not having enough exploitable vulnerabilities for their clandestine data mining tool kits.

[topt]

1 hour ago, RichCor said:

Run the 'console' tool in an open command prompt window (CMD) that was started "run as administrator".

The error was there the first time I ran it, digging deeper found it didn't have enough 'permissions'. 

 

Thanks but finally managed to work out how to do that and same result. Looking at the "permissions" I seem to have everything possible.

Mine is definitely a retail model (Z class laptop) - all be it it at the time fairly high end.

[wpcoe]

On 11/26/2017 at 2:27 PM, topt said:

I was presuming my much older Sony (bought in 2009) with Core 2 Duo processors was also safe but using the tool I get -

I am guessing that the "Detection Error" means it comes up with the rest automatically in a sort of CYA......

I also note Sony are not yet on the link @wpcoe put up.

The Intel list of manufacturers with a fix now includes Vaio (which are made by Sony) on it.  It links to this page in Japanese and Google Translate surprisingly does a good job at translating the page.  It appears, though, that the Sony fix is only for about a dozen specific models.