cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
Luc_T410
Serial Port
Posts: 30
Location: PL
Views: 3,221
Message 1 of 38

Intel Manageability Engine Firmware 8.x/9.x/10.x/11.x- security vulnerabilities

https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00086&languageid=en-fr

 

Intel has identified several security vulnerabilities that could potentially place impacted platforms at risk.
Systems are affected if have:
Intel® Manageability Engine Firmware 8.x,/9.x/10.x/11.0.x.x/11.5.x.x/11.6.x.x/11.7.x.x/11.10.x.x/11.20.x.x Server Platform Service 4.0.x.x Intel Trusted Execution Engine 3.0.x.x

Again new AMT firmware upgrade must be released by all manufacturer to solve the problems.

Administrator
Administrator
Posts: 6,179
Location: SK
Views: 3,171
Message 2 of 38

Re: Intel Manageability Engine Firmware 8.x/9.x/10.x/11.x- security vulnerabilities

Please refer to the Lenovo PSIRT site for updates on this vulnerability; affected systems with update links are provided.

https://support.lenovo.com/sk/en/solutions/len-17297

Andy


English Community Leader


Please remember to come back and mark the post that you feel solved your question as the solution, it earns the member + points


Did you find a post helpfull? You can thank the member by clicking on the star to the left awarding them Kudos


T430 2347-G7U W8 x64, Yoga 10 HD+, Tablet 1838-2BG, T61p 6460-67G W7 x64, T43p 2668-G2G XP, T23 2647-9LG XP, plus a few more.


Please don't ask me questions by Personal Message; questions belong in the forums.


Deutsche Community Comunidad en Español English Community Русскоязычное Сообщество Communidade Portugues

dragun50
Fanfold Paper
Posts: 10
Location: US
Views: 2,934
Message 3 of 38

Re: Intel Manageability Engine Firmware 8.x/9.x/10.x/11.x- security vulnerabilities

Well just download the SA 0006_Windows from Intel as they have explained a whole lot of their CPU chips are subject to Security Vulnerability.

It turn out that the system I am using is one of them. I suggest everyone download the SA 0006_Windows and check your system.

It is now up to Lenovo to get us a fix in the BIOS, and I would hope they do it rather sooner than later.

 

Version:1.0 StartHTML:000000174 EndHTML:000000971 StartFragment:000000335 EndFragment:000000939 StartSelection:000000335 EndSelection:000000939 SourceURL:about:blank
Explanation:
The detected version of the Intel(R) Management Engine firmware is considered vulnerable for INTEL-SA-00086. Contact your system manufacturer for support and remediation of this system.
For more information refer to the SA-00086 Detection Tool Guide or the Intel security advisory Intel-SA-00086 at the following link: https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00086&languageid=en-fr

 

Admin Edit: merged in and edited subject.

Neovol
Paper Tape
Posts: 4
Location: SI
Views: 3,051
Message 4 of 38

Re: Intel Manageability Engine Firmware 8.x/9.x/10.x/11.x- security vulnerabilities

Risk Assessment
Based on the analysis performed by this tool: This system is vulnerable.

Explanation:
The detected version of the Intel(R) Management Engine firmware is considered vulnerable for INTEL-SA-00086. Contact your system manufacturer for support and remediation of this system.
For more information refer to the SA-00086 Detection Tool Guide or the Intel security advisory Intel-SA-00086 at the following link: https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00086&languageid=en-fr

INTEL-SA-00086 Detection Tool
Application Version: 1.0.0.128
Scan date: 22. 11. 2017 23:45:19

Host Computer Information
Name: I700
Manufacturer: LENOVO
Model: 80RU
Processor Name: Intel(R) Core(TM) i5-6300HQ CPU @ 2.30GHz
OS Version: Microsoft Windows 10 Pro

Intel(R) ME Information
Engine: Intel(R) Management Engine
Version: 11.0.0.1202 
SVN: 1

Copyright(C) 2017, Intel Corporation, All rights reserved.

IdeaPad 700 is also vulnerable but I don't see it on this list https://support.lenovo.com/si/en/product_security/len-17297#IdeaPad. Did you miss it?

 

Admin Edit: merged in and edited subject.

Administrator
Administrator
Posts: 4,272
Location: SK
Views: 2,792
Message 5 of 38

Re: Intel Manageability Engine Firmware 8.x/9.x/10.x/11.x- security vulnerabilities

Hello dragun50,

 

which System/Model are you referring to? I would advise to check the following LEN-17297 Security Advisory which holds the most up-to-date information regarding impacted systems.

 

Best regards,

 

Admin Edit: merged in and edited subject.

Juraj
German Community Lead


Wurde dein Problem bei uns bereits besprochen? Schau mal nach: Forum Suchoption
Bitte füge den Typ, Modell (nicht die S/N) und das benutzte OS zu deiner Nachricht hinzu. Es beschleunigt die Lösung deines Problems.


Deutsche Community Comunidad en Español English Community Русскоязычное Сообщество Communidade Portugues

 

Die Meinungen, die ich hier zum Ausdruck bringe, sind, falls nicht anders explizit ausgedrückt meine eigenen und es handelt sich um keine offizielle Stellungnahme von Lenovo.

 

Es ist wichtig zu betonen, dass die Foren die Ressourcen von Lenovo ergänzen aber den offiziellen Service nicht ersetzen. Eine Liste der Servicenummern kann unter dem folgenden Link gefunden werden: Telefonische Unterstützung

dragun50
Fanfold Paper
Posts: 10
Location: US
Views: 2,787
Message 6 of 38

Re: Intel Manageability Engine Firmware 8.x/9.x/10.x/11.x- security vulnerabilities

Which is all well and good, but as mine is one listed as affected, I am probably more concerened than you are.

there is nothing there to even suggest that Lenovo is activley looking into fixing the ones still affected.

Just what do I do to see if or when they do something about it? To date I have never had any sort of notifcation from Lenovo about any of this. 

I guess once the warranty is off an one no longer owes them money, we become a lost voice from what I see.

 

Thank you for showing me they know about it, but until you can show me where they do someting about it, no use in looking, is there.

 

Admin Edit: merged in and edited subject.

Highlighted
chip9
Fanfold Paper
Posts: 3
Location: LT
Views: 3,014
Message 7 of 38

Re: Intel Manageability Engine Firmware 8.x/9.x/10.x/11.x- security vulnerabilities

   1.GIF

when a fix will be up?

 tools https://downloadcenter.intel.com/download/27150

 

Mod's Edit: This post was merged with an existing discussion on the issue.

 

Administrator
Administrator
Posts: 4,272
Location: SK
Views: 2,747
Message 8 of 38

Re: Intel Manageability Engine Firmware 8.x/9.x/10.x/11.x- security vulnerabilities

Hello dragun50,

if your system is listed under the affected ones and there is no estimate on when the update for your machine is going to be live, then you just have to wait it out until the document gets updated. As you can see on the bottom of the document, it was released just days ago, on the 20th of November. I can't tell you when the document is going to be updated next, but the only notification you could get regarding this would be via Lenovo Companion which will prompt you to install the new IME FW when it gets released. The place to download the actual installer of the fix would then be the download section on the support page for your product.

Best regards,

 

Admin Edit: merged in and edited subject.

Juraj
German Community Lead


Wurde dein Problem bei uns bereits besprochen? Schau mal nach: Forum Suchoption
Bitte füge den Typ, Modell (nicht die S/N) und das benutzte OS zu deiner Nachricht hinzu. Es beschleunigt die Lösung deines Problems.


Deutsche Community Comunidad en Español English Community Русскоязычное Сообщество Communidade Portugues

 

Die Meinungen, die ich hier zum Ausdruck bringe, sind, falls nicht anders explizit ausgedrückt meine eigenen und es handelt sich um keine offizielle Stellungnahme von Lenovo.

 

Es ist wichtig zu betonen, dass die Foren die Ressourcen von Lenovo ergänzen aber den offiziellen Service nicht ersetzen. Eine Liste der Servicenummern kann unter dem folgenden Link gefunden werden: Telefonische Unterstützung

user837217237
What's DOS?
Posts: 1
Location: FR
Views: 2,973
Message 9 of 38

Re: Intel Manageability Engine Firmware 8.x/9.x/10.x/11.x- security vulnerabilities

https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00086&languageid=en-fr

Where can I find updated management engine firmware for the Ideapad 500-15isk? (ME firmware version 11.0.0.1160 LP)

Alternatively, can I safely disable the ME altogether via http://blog.ptsecurity.com/2017/08/disabling-intel-me.html ?

 

Admin note; post merged in, subject edited.

Kra1o5
Paper Tape
Posts: 7
Location: ES
Views: 2,661
Message 10 of 38

Re: Intel Manageability Engine Firmware 8.x/9.x/10.x/11.x- security vulnerabilities

Hi,

 

Same for ideapad 110-15ISK (80UD).

 

Not listed & its vulnerable.

 

Admin Edit: merged in and edited subject.

Top Kudoed Authors