Jump to content

Build Theme!
  •  
  • Unreplied Topics
  • Downloads
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 93098 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

Intel Firmware Vuln

Started by AplusWebMaster , Nov 21 2017 12:13 PM

  • Please log in to reply
No replies to this topic

#1 AplusWebMaster

AplusWebMaster

    AplusWebMaster

  • Authentic Member
  • PipPipPipPipPipPipPip
  • 10,472 posts
  • Interests:... The never-ending battle for Truth, Justice, and the American way.

Posted 21 November 2017 - 12:13 PM

FYI...

Intel Firmware Vuln
> https://www.us-cert....e-Vulnerability
Nov 21, 2017 - "Intel has released recommendations to address vulnerabilities in the firmware of the following Intel products: Management Engine, Server Platform Services, and Trusted Execution Engine. An attacker could exploit some of these vulnerabilities to take control of an affected system.
US-CERT encourages users and administrators to review the Intel links below and refer to their original equipment manufacturers (OEMs) for mitigation strategies and updated firmware."

Intel Security Advisory INTEL-SA-00086
> https://security-cen...anguageid=en-fr
1.0 - 20-November-2017 - Initial Release
1.1 - 21-November-2017 - Updated Recommended and minimum versions
1.2 - 22-November-2017 - Updated links to online support page
1.3 - 29-November-2017 - Updated title for Intel® Manageability Engine Firmware 8.x/9.x/10.x
1.4 - 01-December-2017 - Added clarification for physical access requirement
1.5 - 19-December-2017 - Updated references for Intel® Manageability Engine Firmware 6.x/7.x
1.6 - 22-December-2017 - Further clarified references to Intel® Manageability Engine Firmware 6.x/7.x

Support Article
> https://www.intel.co...9/software.html
Last Reviewed: 26-Dec-2017

Detection Tool
> https://downloadcent.../download/27150
Version: 1.0.0.152 (Latest) Date: 12/19/2017
___

- https://www.security....com/id/1039852
CVE Reference: CVE-2017-5705, CVE-2017-5708, CVE-2017-5711, CVE-2017-5712
Updated: Dec 5 2017
Nov 21 2017
Version(s): 11.0, 11.5, 11.6, 11.7, 11.10, 11.20 ...
The following processor series are affected:
6th, 7th, and 8th Generation Intel Core
Intel Xeon Processor E3-1200 v5 and v6
Intel Xeon Processor Scalable
Intel Xeon Processor W
Intel Atom C3000 Processor
Apollo Lake Intel Atom Processor E3900 series
Apollo Lake Intel Pentium
Celeron N and J series Processors
[Editor's note: The Intel Trusted Execution Engine (TXE) and Intel Server Platform Services (SPS) products are affected by separate vulnerabilities.] ...
Impact: A remote authenticated user can obtain elevated privileges on the target system.
A local user can obtain elevated privileges on the target system.
Solution: The vendor has issued a fix...
 

:ph34r:


Edited by AplusWebMaster, 28 December 2017 - 02:38 PM.

.The machine has no brain.
 ......... Use your own.
Browser check for updates here.
YOU need to defend against -all- vulnerabilities.
Hacks only need to find -1- to get in...
.

    Advertisements

Register to Remove

Related Topics

Back to Updates To Software · Next Unread Topic →

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. What the Tech
  2. Discussion
  3. Updates To Software
  4. Privacy Policy
  5. Terms of Use ·