New
#1
Intel-SA-00086 (v1.1.169.0)
How to fixed this particular issue? Thanks.
Intel-SA-00086 (v1.1.169.0)
-
-
New #2
To put it simply, you have to find an updated version of the Intel Management firmware that addresses this vulnerability. Because I have two Asrock motherboards that I've repaired for this, I can point you at the Asrock page where the downloads may be found: ASRock---Intel Firmware vulnerability INTEL-SA-00086. They also provide instructions on which download to choose based on your chipset, and instructions on how to apply it.
Enjoy and HTH,
--Ed--
-
New #3
Hi,
I personally wouldn't worry about it
You have a decent antivirus Malwarebytes premium
If you uninstalled IME in programs the Intel evaluation would spin like a top and never complete :)
-
New #4
@EdTittel My motherboad is ASRock H97 Pro4, which is not listed on the page.
@ThrashZone Yeah, I hope so. By default, my IMEI v11.6.0.1026 & now I've updated to v11.7.0.1057
Last edited by khanmein; 24 Feb 2018 at 10:44.
-
New #5
If the motherboard isn't listed -- and I just re-read the page and indeed it and/or its chipsets are not mentioned -- then they do not have a patch for your Intel ME firmware. Although the tool says you're vulnerable, Asrock apparently does not offer a patch. That leaves two choices:
1. Practice safe computing and eternal vigilance to avoid exposure to attack.
2. Look for a patch source from someplace other than Asrock. I'd suggest asking around at sites like Win-RAID or look to other BIOS hackers to see if something is available. I see that, for example, MSI released a patch for this for H97 mobos based on an Intel release of the base patch to OEMs. If you dig deeply enough you may be able to come up with a workaround. That said, it could also brick your PC if something goes kerflooey.
Your call, but I vote for option 1.
HTH,
--Ed--
PS: here's a link to the MSI Post, in case you're interested: Intel ME Firmware updates for H97/Z97 Mate MotherboardLast edited by EdTittel; 24 Feb 2018 at 11:04. Reason: Add PS for MSI forum post link
-
New #6
A little bird tells me that the ME firmware versions are released and signed by Intel so the binaries are exactly the same between OEMs. Intel also releases its own firmware update tool.
That said, there may be secure boot, BitLocker, and/or measured boot implications if you update the ME without going through the OEM's tool.
For a home desktop system I would not bother. The ME9 vulnerabilities are both in AMT, which no home user ever provisions. To actually enable AMT an attacker would have to have local execution privileges on your system, in which case you have bigger problems.
-
New #7
Yes, you are correct PolarNettles. REAL MEN (or real nerds, anyway) will hack their own BIOSes/UEFIs, using tools to slipstream the OEM updates from Intel directly into their own runtime environments.
--Ed--
-
New #8
Hi,
Any one with direct access wouldn't bother hacking a computer in place they would just take it and hack it elsewhere :)
This is overblown BS
Just disabling remote access kills at least one of the vulnerabilities
Use a standard user account pretty much mitigates a host of others.
I'm doing nothing to either of my systems
I'd get hit by a train in my living room before either of these exploits hit me
-
-
New #9
Thanks for your kind and friendly input, ThrashZone. Your thoughts and reflections are always welcome.
--Ed--
-
New #10
I ran the FWUpdate with 9.1.42.3002_5MB_PRD_RGN.bin.
Thanks guys.
Quote
Related Discussions
