Windows 10: Intel AMT Vulnerability and Surface Devices

Source: Intel AMT Vulnerability and Surface Devices Surface

:)

 

Don't install windows 10 on a Asus et2701i all in one computer. or maybe all computer with install errors, roll backs

Hi Tony, Mighty Tiger & Bob Kane

Have just received an email from ASUS:

Dear Robert,

ASUS is working on qualifying and applying the fixes provided by Intel on supported systems. Moreover, Intel has released a downloadable discovery tool located at downloadcenter.intel.com, which will analyze your system for the vulnerability. IT professionals
who are familiar with the configuration of their systems and networks can use this tool or can find more details below.

·Step 1: Determine if you have an Intel® AMT, Intel® SBA, or Intel® ISM capable system:
How To Find Intel® vPro™ Technology Based PCs. If you determine that you do not have an Intel® AMT, Intel® SBA, or Intel®
ISM capable system then no further action is required.

·Step 2: Utilize the Detection Guide to assess if your system has the impacted firmware:
Download INTEL-SA-00075 Detection and Mitigation Tool. If you do have a version in the “Resolved Firmware” column no further
action is required to secure your system from this vulnerability.

·Step 3: Intel recommends checking with your system OEM for updated firmware. Firmware versions that resolve the issue have a four digit build number that starts with a “3” (X.X.XX.3XXX) Ex: 8.1.71.3608.

·Step 4: If a firmware update is not available from your OEM, follow Intel’s Mitigation Guide:
Download INTEL-SA-00075 Detection and Mitigation Tool

·For assistance in implementing the mitigations steps provided in this document, please contact Intel
Customer Support ; from the Technologies section, select Intel® Active Management Technology (Intel® AMT).

Kind regards,

Asus Customer Service

Asus Technical Support Site: http://support.asus.com

Have carried out Step 2: Detection Gude & the results are:

Risk Assessment
Based on the analysis performed by this tool, this system is not vulnerable; the ME SKU is not affected.

Explanation:

If Vulnerable, contact your OEM for support and remediation of this system.

For more information, refer to CVE-2017-5689 in the following link:
CVE-2017-5689

or the Intel security advisory Intel-SA-00075 in the following link:
INTEL-SA-00075

INTEL-SA-00075 Detection Tool
Application Version: 1.0.3.215

Scan date: 2018-01-18 15:51:52

Host Computer Information
Name: Bobby-PC

Manufacturer: ASUSTeK Computer INC.

Model: ET2701I

Processor Name: Intel(R) Core(TM) i7-3770S CPU @ 3.10GHz

Windows Version: Microsoft Windows 10 Pro

ME Information
Version: 8.0.4.1441

SKU: Consumer

Provisioning Mode: Not Provisioned

Control Mode: None

Is CCM Disabled: True

Driver installation found: True

EHBC Enabled: False

LMS service state: Running

microLMS service state: NotPresent

Is SPS: False

So I am guessing that we are OK, perhaps Mighty Tiger & Bob Kane can use their expertise to detemine if that analysis is correct!

 

win10 BSOD

link for the sytem log sytem log.evtx

thank you for your help I updated the intel amt driver and the realtek audio driver, but the one thing is the preintalled dolby audio is gone right now but it shouldnt be a problem