Windows 10: UPDATE INTEL ME FIRMWARE FOR POWER MANAGEMENT CONTROLLER SECURITY VULNERABILITY IN INTEL...

RAJU.MSC.MATHEMATICS · Nov 30, 2018

Kaspersky Password Manager
Create a strong password for your account

Intel has identified a firmware security vulnerability.

It allows an attacker with administrative privileges to gain unauthorized access to platform features and sensitive information protected by the Intel® Converged Security and Management Engine (CSME) or Intel® Server Platform Services (SPS).
Firmware updates have been provided to system manufacturers that resolve the issue.

Intel recommends that you check with your system manufacturers to determine the availability of their firmware update.

Then apply available updates in a timely manner.

Affected versions are noted below along with the firmware (FW) version that mitigates the issue:
Intel® CSME firmware versions including
11.0 through 11.8.50;
11.10 through 11.11.50;
11.20 through 11.21.50;
12.0 through 12.0.5,

Firmwares can be found on the following products:

6th Generation Intel® Core™ Processor Family Platforms (mitigated by FW v.11.8.55)
7th Generation Intel® Core™ Processor Family Platforms (mitigated by FW v.11.8.55)
8th Generation Intel® Core™ Processor Family Platforms (mitigated by FW v.12.0.6)
Intel® Xeon® E3-1200/1500 v5 Processor Family Platforms (mitigated by FW v.11.8.55)
Intel® Xeon® E3-1200/1500 v6 Processor Family Platforms (mitigated by FW v.11.8.55)
Intel® Xeon® E-1200M Processors (mitigated by FW v.11.8.55)
Intel® Xeon® W Processor Family Platform (mitigated by FW v.11.11.55)
Intel® Xeon® Scalable Processors (mitigated by FW v.11.11.55)
Intel® Core™ X-Series Processor Family Platform (mitigated by FW v.11.11.55)
Intel® SPS firmware version 4.0.0, which can be found on the following products:
Intel Atom® Processor C3000 Series Platform (mitigated by FW v.4.x.05)
Intel® Xeon® D-2100 Processor Family Platform (mitigated by FW v.4.x.05)
Intel® Xeon® Scalable Processor Family Platform (mitigated by FW v.4.x.05)
Intel® C620 Series Chipset Family (PCIe* EndPoint Mode) (mitigated by FW v.4.x.05)
Intel® QuickAssist Adapter 8960/8970 Products (mitigated by FW v.4.x.05)

Get updated Intel management engine Firmware from laptop or desktop or motherbaord or all in pc manufacturers

I have ready updated to much higher version than expected n my asus vivobook 15 r542uq-dm153

i have 11.8.59.3560

To check which ME fimware you have currently , download intel utlity , then run as administrator

https://downloadcenter.intel.com/download/27150/INTEL-SA-00086-Detection-Tool

Thanks for reading my post , give me helpful votes if you find it.

Kaspersky Password Manager
Create a strong password for your account

:)

Brink · Nov 30, 2018

Intel Power Management Controller (PMC) Security Advisory

[table][tr]Intel ID: INTEL-SA-00131 [/tr] [tr][td]Advisory Category:[/td] [td]Firmware[/td] [/tr] [tr][td]Impact of vulnerability:[/td] [td]Escalation of Privilege, Information Disclosure[/td] [/tr] [tr][td]Severity rating:[/td] [td]HIGH[/td] [/tr] [tr][td]Original release:[/td] [td]09/11/2018[/td] [/tr] [tr][td]Last revised:[/td] [td]09/11/2018[/td] [/tr] [/table]

Summary:

A potential security vulnerability in power management controller firmware may allow escalation of privilege and/ or information disclosure. Intel is releasing firmware updates to mitigate this potential vulnerability.

Vulnerability Details

CVEID: CVE-2018-3643

Description: A vulnerability in Power Management Controller firmware in systems using specific Intel® Converged Security and Management Engine (CSME) before version 12.0.6 or Intel® Server Platform Services firmware before version 4.x.04 may allow a privileged user to potentially escalate privileges or disclose information via local access.

CVSS Base Score: 8.2 High

CVSS Vector: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Affected Products:

Systems using the following firmware versions and associated products are impacted.

Products containing Intel® Server Platform Services firmware version 4.x:

[table][tr][td]Impacted Product[/td] [td]Mitigated FW version[/td] [/tr] [tr][td]Intel® Atom® Processor C3000 Series Platform[/td] [td]4.00.04.177.0[/td] [/tr] [tr][td]Intel® Xeon® D-2100 Processor Family Platform[/td] [td]4.00.04.077.0[/td] [/tr] [tr][td]Intel® Xeon® Scalable Processor Family Platforms[/td] [td]4.00.04.381.0[/td] [/tr] [tr][td]Intel® C620 Series Chipset Family (PCIe End Point Mode)[/td] [td]4.00.04.381.0[/td] [/tr] [tr][td]Intel® QuickAssist Adapter 8960/8970 Products[/td] [td]4.x.05[/td] [/tr] [/table]

Products containing Intel® CSME firmware version 11.x or later:

[table][tr][td]Impacted Product[/td] [td]Mitigated FW(CSME) version[/td] [/tr] [tr][td]6th Generation Intel® Core™ Processor Family Platforms[/td] [td]11.8.55[/td] [/tr] [tr][td]7th Generation Intel® Core™ Processor Family Platforms[/td] [td]11.8.55[/td] [/tr] [tr][td]8th Generation Intel® Core™ Processor Family Platforms[/td] [td]12.0.6[/td] [/tr] [tr][td]Intel® Xeon® E3-1200/1500 v5 Processor Family Platforms[/td] [td]11.8.55[/td] [/tr] [tr][td]Intel® Xeon® E3-1200/1500 v6 Processor Family Platforms[/td] [td]11.8.55[/td] [/tr] [tr][td]Intel® Xeon® W Processor Family Platform[/td] [td]11.11.55[/td] [/tr] [tr][td]Intel® Core™ X-Series Processor Family Platform[/td] [td]11.11.55[/td] [/tr] [tr][td]Intel® Xeon® Scalable Processors[/td] [td]11.21.55[/td] [/tr] [/table]

Recommendations:

Intel recommends that end users should check with their system manufacturers and apply any available updates as soon as practical, based on the versions listed above, or higher.

Acknowledgements:

This issue was found internally by Intel.

Revision History

[table][tr]Revision Date Description [/tr] [tr][td]1.0[/td] [td]09/11/2018[/td] [td]Initial Release[/td] [/tr] [/table]
Click to expand...

Source: INTEL-SA-00131

Brink · Nov 30, 2018

Intel Management Engine Vulnerability and Surface Devices

Microsoft is aware of the Intel Management Engine vulnerability (Intel-SA-00086). The Intel vulnerability detection tool currently lists Microsoft Surface devices as vulnerable to this security advisory.Microsoft has investigated the issue and found the following:

Remote exploit of this vulnerability requires Intel Active Management Technology (AMT). Current Surface devices do not allow remote connectivity to the ME because our devices do not run AMT.

Local exploit of this vulnerability requires Direct Connect Interface (DCI) access via USB, which is not provided on Surface devices.

Because of this, we believe exploits using this vulnerability are significantly reduced on Surface devices. We care deeply about ensuring our devices are reliable and secure and are working with Intel to generate fixes for current devices, which we expect to release in the near future.
Click to expand...

Source: Intel Management Engine Vulnerability and Surface Devices Surface

Grom0X · Nov 30, 2018

Intel Converged Security and Management Engine Issue

Intel was notified of an issue with the Intel® Converged Security and Management Engine (Intel® CSME) firmware. An attacker with physical access could do the following on an individual platform:

Bypass Intel® CSME anti-replay protection, thus allowing potential brute force attacks on secrets stored inside the Intel CSME;

Gain unauthorized access to the Intel® Management Engine BIOS Extension (Intel® MEBX) password;

Tamper with the integrity of the Intel® CSME file system directories or the Server Platform Services and Trusted Execution Environment (Intel® TXE) data files.

See Security Advisory INTEL-SA-00125 for further details.

Affected Products/Technologies

The issue has been identified as a vulnerability in the Intel® CSME firmware versions: 11.0 through 11.8.50; 11.10 through 11.11.50; 11.20 through 11.21.51, Intel® Server Platform Services firmware version 4.0 (on Purley and Bakerville only) and Intel® TXE version 3.0 through 3.1.50.

Systems using Intel® CSME firmware versions prior to 11.0/ Intel® Server Platform Services 4.0/TXE 3.0 or using firmware versions 11.8.55/11.11.55/11.21.55/ Intel® Server Platform Services 5.0 and higher/TXE 3.1.55 or higher don't contain the identified vulnerability.

[table][tr][td]Intel® Converged Security and Management Engine (Intel® CSME)[/td] [/tr] [tr][td]Updated Intel® CSME Firmware version[/td] [td]Replaces Intel® CSME Firmware version[/td] [/tr] [tr][td]11.8.55.3510[/td] [td]11.8.50.3399[/td] [/tr] [tr][td]11.11.55.1509[/td] [td]11.11.50.1402[/td] [/tr] [tr][td]11.21.55.1508[/td] [td]11.21.50.1400[/td] [/tr] [tr][td]Intel® Server Platform Service[/td] [/tr] [tr][td]Updated SPS Firmware version[/td] [td]Replaces SPS Firmware version[/td] [/tr] [tr][td]SPS_SoC-A_04.00.04.177.0[/td] [td]SPS_SoC-A_04.00.04.172.0[/td] [/tr] [tr][td]SPS_SoC-X_04.00.04.077.0[/td] [td]SPS_SoC-X_04.00.04.057.0[/td] [/tr] [tr][td]SPS_E5_04.00.04.381.0[/td] [td]SPS_E5_04.00.04.340.0[/td] [/tr] [tr][td]Intel® Trusted Execution Engine (TXE)[/td] [/tr] [tr][td]Updated TXE Firmware version[/td] [td]Replaces TXE Firmware version[/td] [/tr] [tr][td]3.1.55[/td] [td]3.1.50.2222[/td] [/tr] [/table]

Contact your system or motherboard manufacturer to obtain an Intel CSME firmware update or BIOS update that addresses this vulnerability. Intel can't provide updates for systems or motherboards from other manufacturers.

The Intel SA-00125 Detection tool is available in Download Center to assist customers in determining if systems are vulnerable to this issue.

Find support for related products

Active Products

Intel® Management Engine
Click to expand...

SOURCE: Intel Converged Security and Management Engine (Intel CSME) Issue

RAJU.MSC.MATHEMATICS · Nov 30, 2018

Original post was posted by me just 30 minutes before on answers.microosft.com

Windows 10: UPDATE INTEL ME FIRMWARE FOR POWER MANAGEMENT CONTROLLER SECURITY VULNERABILITY IN INTEL...

UPDATE INTEL ME FIRMWARE FOR POWER MANAGEMENT CONTROLLER SECURITY VULNERABILITY IN INTEL...

UPDATE INTEL ME FIRMWARE FOR POWER MANAGEMENT CONTROLLER SECURITY VULNERABILITY IN INTEL...

UPDATE INTEL ME FIRMWARE FOR POWER MANAGEMENT CONTROLLER SECURITY VULNERABILITY IN INTEL...

UPDATE INTEL ME FIRMWARE FOR POWER MANAGEMENT CONTROLLER SECURITY VULNERABILITY IN INTEL... - Similar Threads - UPDATE INTEL FIRMWARE

Intel NUC Firmware Vulnerability Advisory - Oct. 8

Intel NUC Firmware Vulnerability Advisory

Intel Vulnerability Updates

Potential security vulnerabilities in Intel Matrix Storage Manager

Potential security vulnerabilities in Intel firmware

UPDATE INTEL ME FIRMWARE FOR CONVERGED SECURITY & MANAGEMENT ENGINE ISSUES IN INTEL...

Intel Server Boards Firmware Advisory for security vulnerability

Intel Server Board Firmware Advisory for potential vulnerability

Intel Power Management Controller (PMC) Security Advisory