cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
przemek1234pl
802.11n
Posts: 152
Registered: ‎11-28-2017
Location: PL
Views: 1,997
Message 21 of 41

Re: Intel Manageability Engine Firmware 8.x/9.x/10.x/11.x- security vulnerabilities

My Lenovo Yoga 500-14ISK (which still has warranty) with Skylake CPU also isn't listed on the article and the Intel tool says it's vulnerable. Will it receive the firmware update?

Gromas
What's DOS?
Posts: 1
Registered: ‎12-01-2017
Location: GB
Views: 1,892
Message 22 of 41

Re: Intel Manageability Engine Firmware 8.x/9.x/10.x/11.x- security vulnerabilities

When will the Intel Management Engine Firmware update be available for the Yoga 710-14ISK?

I do not see it listed on this web page:

https://support.lenovo.com/au/en/product_security/len-17297

 

It is vulnerable according to the tool available on this page:

https://downloadcenter.intel.com/download/27150

 

(text from delurker post for Yoga 910 - adapted for Yoga 710)

 

Mod's Edit: Updated Subject line on this merged post.

 

Epiktistes
What's DOS?
Posts: 1
Registered: ‎12-05-2017
Location: US
Views: 1,728
Message 23 of 41

Re: Intel Manageability Engine Firmware 8.x/9.x/10.x/11.x- security vulnerabilities

The Yoga 710-151KB is also vulnerable; it's not on Lenovo's list either. I contacted Lenovo tech support yesterday, but they couldn't tell me anything. They directed me to this forum, where no one seems to be getting answers either.

 

Hey Lenovo! This is a critical vulnerablity, and your response does not inspire confidence.

przemek1234pl
802.11n
Posts: 152
Registered: ‎11-28-2017
Location: PL
Views: 1,567
Message 24 of 41

Re: Intel Manageability Engine Firmware 8.x/9.x/10.x/11.x- security vulnerabilities

I've noticed that the missing devices have been added to the list.
joeyong8
What's DOS?
Posts: 1
Registered: ‎12-11-2017
Location: SG
Views: 1,513
Message 25 of 41

Re: Intel Manageability Engine Firmware 8.x/9.x/10.x/11.x- security vulnerabilities

Hi all, my Lenovo V310z AIO isn't listed on the article and the Intel detection tool stated it's vulnerable. May i know will it receive the firmware update too? Thank you.

FizzyDrink
What's DOS?
Posts: 1
Registered: ‎12-15-2017
Location: HK
Views: 1,388
Message 26 of 41

Re: Intel Manageability Engine Firmware 8.x/9.x/10.x/11.x- security vulnerabilities

My Lenovo 510S-13ISK 80SJ is NOT listed and the Intel detection tool says it's vulnerable. When will it be fixed?

Luc_T410
Serial Port
Posts: 30
Registered: ‎01-07-2015
Location: PL
Views: 1,359
Message 27 of 41

Re: Intel Manageability Engine Firmware 8.x/9.x/10.x/11.x- security vulnerabilities

Probably yes but it take some time to fix INTEL mess every time.
isavin
What's DOS?
Posts: 2
Registered: ‎12-21-2017
Location: RO
Views: 1,261
Message 28 of 41

Re: Intel Manageability Engine Firmware 8.x/9.x/10.x/11.x- security vulnerabilities

T420 is also affected and not listed and no fix available:

 

INTEL-SA-00086 Detection Tool
Copyright(C) 2017, Intel Corporation, All rights reserved

Application Version: 1.0.0.146
Scan date: 2017-12-21 16:07:38 GMT

*** Host Computer Information ***
Name: <redacted>
Manufacturer: LENOVO
Model: 4178CWG
Processor Name: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz
OS Version: <redacted>

*** Intel(R) ME Information ***
Engine: Intel(R) Management Engine
Version: 7.1.30.1142
SVN: 0

*** Risk Assessment ***
Based on the analysis performed by this tool: This system is vulnerable.
Explanation:
The detected version of the Intel(R) Management Engine firmware
  is considered vulnerable for INTEL-SA-00086.
  Contact your system manufacturer for support and remediation of this system.

For more information refer to the INTEL-SA-00086 Detection Tool Guide or the
  Intel Security Advisory Intel-SA-00086 at the following link:
  https://www.intel.com/sa-00086-support

Luc_T410
Serial Port
Posts: 30
Registered: ‎01-07-2015
Location: PL
Views: 1,250
Message 29 of 41

Re: Intel Manageability Engine Firmware 8.x/9.x/10.x/11.x- security vulnerabilities

isavin
What's DOS?
Posts: 2
Registered: ‎12-21-2017
Location: RO
Views: 1,230
Message 30 of 41

Re: Intel Manageability Engine Firmware 8.x/9.x/10.x/11.x- security vulnerabilities

Thank you for pointing it out but that's for another vulnerabiliy Intel-SA-00075. I've reruned the detection tool after updating to the latest firmware and it's still reported as vulnerable for Intel-SA-00086.

 

INTEL-SA-00086 Detection Tool
Copyright(C) 2017, Intel Corporation, All rights reserved

Application Version: 1.0.0.146
Scan date: 2017-12-21 16:58:18 GMT

*** Host Computer Information ***
Name: <redacted>
Manufacturer: LENOVO
Model: 4178CWG
Processor Name: Intel(R) Core(TM) i5-2450M CPU @ 2.50GHz
OS Version: <redacted>

*** Intel(R) ME Information ***
Engine: Intel(R) Management Engine
Version: 7.1.91.3272
SVN: 0

*** Risk Assessment ***
Based on the analysis performed by this tool: This system is vulnerable.
Explanation:
The detected version of the Intel(R) Management Engine firmware
  is considered vulnerable for INTEL-SA-00086.
  Contact your system manufacturer for support and remediation of this system.

For more information refer to the INTEL-SA-00086 Detection Tool Guide or the
  Intel Security Advisory Intel-SA-00086 at the following link:
  https://www.intel.com/sa-00086-support

Check out current deals!


Shop current deals