In recent days, Intel has announced a new set of vulnerabilities that could potentially impact certain PCs, servers, and IoT platforms.
Specifically, they have found issues with systems using certain firmware. This is documented in the following advisory - Intel-SA-00086 - https://security-center.intel.com/advisory.aspx?intelid=intel-sa-00086
Firmware at risk
Intel have advised that systems using one of the following Intel firmware are impacted:
- Intel Management Engine (Intel® ME) versions 11.0.0 through 11.7.0
- Intel Trusted Execution Engine (Intel® TXE) version 3.0
- Intel Server Platform Services (SPS)Â version 4.0
Identification
Intel has also released a detection tool which can be used from Windows and Linux operating systems. It can be downloaded here - Intel-SA-00086 Detection Tool
Can Anti-Virus Detect this Vulnerability?
Anti-Virus products are not able to report on this vulnerability. Do not assume that a “clean scan” of a server means that a server is not vulnerable to this issue.
Processors At Risk
Firmware from the following processor types are at risk from this vulnerability:
- 6th, 7th, and 8th generation Intel® Core™ Processor Family
- Intel® Xeon® Processor E3-1200 v5 and v6 Product Family
- Intel® Xeon® Processor Scalable Family
- Intel® Xeon® Processor W Family
- Intel Atom® C3000 Processor Family
- Apollo Lake Intel Atom® Processor E3900 series
- Apollo Lake Intel® Pentium® Processors
- Intel® Celeron® N and J series Processors
What about AMD?
It is important to note that while many people consider “Wintel” / xSeries platforms to be synonymous with “Intel” chipsets, this is not the case. There are other manufacturers such as AMD. It is only Intel processors that are at risk, and even then only specific models (as above).
Vendor Firmware Updates
Intel has provided system and motherboard manufacturers with firmware and software updates necessary to remediate vulnerabilities identified in disclosureIntel-SA-00086
Some manufacturers have provided specific guidance on this topic, see links located at the following Intel page -Â https://www.intel.com/content/www/us/en/support/articles/000025619/software.html
WARNING when updating BIOS
It is important to note that updating system firmware could result in restoring of BIOS values back to defaults. For example Power Management settings may need to be re-applied with “Maximum Performance”. Be sure to note any custom tuning / performance changes prior to applying updates.
Reference Links
There are multiple articles online about impacted customers.
- https://www.intel.com/content/www/us/en/support/articles/000025619/software.html
- https://blog.rapid7.com/2017/11/21/intel-sa-00086-security-bulletin-for-intel-management-engine-me-and-advanced-management-technology-amt-vulnerabilities-what-you-need-to-know/
- https://support.lenovo.com/fr/en/product_security/len-17297