Windows 10: Intel-SA-00086 (v1.1.169.0) Solved

Page 1 of 2 12 LastLast
  1.    23 Feb 2018 #1

    Intel-SA-00086 (v1.1.169.0)


    How to fixed this particular issue? Thanks.
    Attached Thumbnails Attached Thumbnails 1.1.169.0.png  
      My ComputerSystem Spec

  2.    23 Feb 2018 #2

    To put it simply, you have to find an updated version of the Intel Management firmware that addresses this vulnerability. Because I have two Asrock motherboards that I've repaired for this, I can point you at the Asrock page where the downloads may be found: ASRock---Intel Firmware vulnerability INTEL-SA-00086. They also provide instructions on which download to choose based on your chipset, and instructions on how to apply it.
    Enjoy and HTH,
    --Ed--
      My ComputersSystem Spec


  3. Posts : 3,374
    3-Win-7Prox64 2-Win10Prox64
       23 Feb 2018 #3

    Hi,
    I personally wouldn't worry about it
    You have a decent antivirus Malwarebytes premium
    If you uninstalled IME in programs the Intel evaluation would spin like a top and never complete :)
      My ComputersSystem Spec

  4.    24 Feb 2018 #4

    @EdTittel My motherboad is ASRock H97 Pro4, which is not listed on the page.

    @ThrashZone Yeah, I hope so. By default, my IMEI v11.6.0.1026 & now I've updated to v11.7.0.1057


    Attached Thumbnails Attached Thumbnails IMEI.png  
    Last edited by khanmein; 24 Feb 2018 at 10:44.
      My ComputerSystem Spec

  5.    24 Feb 2018 #5

    If the motherboard isn't listed -- and I just re-read the page and indeed it and/or its chipsets are not mentioned -- then they do not have a patch for your Intel ME firmware. Although the tool says you're vulnerable, Asrock apparently does not offer a patch. That leaves two choices:
    1. Practice safe computing and eternal vigilance to avoid exposure to attack.
    2. Look for a patch source from someplace other than Asrock. I'd suggest asking around at sites like Win-RAID or look to other BIOS hackers to see if something is available. I see that, for example, MSI released a patch for this for H97 mobos based on an Intel release of the base patch to OEMs. If you dig deeply enough you may be able to come up with a workaround. That said, it could also brick your PC if something goes kerflooey.
    Your call, but I vote for option 1.
    HTH,
    --Ed--

    PS: here's a link to the MSI Post, in case you're interested: Intel ME Firmware updates for H97/Z97 Mate Motherboard
    Last edited by EdTittel; 24 Feb 2018 at 11:04. Reason: Add PS for MSI forum post link
      My ComputersSystem Spec

  6.    24 Feb 2018 #6

    A little bird tells me that the ME firmware versions are released and signed by Intel so the binaries are exactly the same between OEMs. Intel also releases its own firmware update tool.

    That said, there may be secure boot, BitLocker, and/or measured boot implications if you update the ME without going through the OEM's tool.

    For a home desktop system I would not bother. The ME9 vulnerabilities are both in AMT, which no home user ever provisions. To actually enable AMT an attacker would have to have local execution privileges on your system, in which case you have bigger problems.
      My ComputerSystem Spec

  7.    24 Feb 2018 #7

    Yes, you are correct PolarNettles. REAL MEN (or real nerds, anyway) will hack their own BIOSes/UEFIs, using tools to slipstream the OEM updates from Intel directly into their own runtime environments.
    --Ed--
      My ComputersSystem Spec


  8. Posts : 3,374
    3-Win-7Prox64 2-Win10Prox64
       24 Feb 2018 #8

    Hi,
    Any one with direct access wouldn't bother hacking a computer in place they would just take it and hack it elsewhere :)
    This is overblown BS
    Just disabling remote access kills at least one of the vulnerabilities
    Use a standard user account pretty much mitigates a host of others.
    I'm doing nothing to either of my systems
    I'd get hit by a train in my living room before either of these exploits hit me
      My ComputersSystem Spec

  9.    24 Feb 2018 #9

    Thanks for your kind and friendly input, ThrashZone. Your thoughts and reflections are always welcome.
    --Ed--
      My ComputersSystem Spec

  10.    25 Feb 2018 #10

    I ran the FWUpdate with 9.1.42.3002_5MB_PRD_RGN.bin.

    Thanks guys.
    Attached Thumbnails Attached Thumbnails 123.png  
      My ComputerSystem Spec


 
Page 1 of 2 12 LastLast

Related Threads
Read more: https://newsroom.intel.com/news/introducing-new-intel-pentium-silver-intel-celeron-processors/
Source: With Intels Help, 5G Pushes Toward 2020 Deployment | Intel Newsroom
My questions are, Are programs Intel Rapid Storage technology and Intel Security assist considered to be bloatware? They came with the laptop and cant figure exactly what they do. The name Intel makes it sound like serious stuff but after searching...
Read more: Intel Unveils Full Intel Core-X-series Processor Family Specs; 14- to 18-Core Processors Available Starting in September
I used the upgrade tool to install w10x64. Installation went fine, I can use my computer and all. Problem is that both of my LAN ports don't work. I get the usual red icon in the taskbar that shows no internet. I went into networking and it doesn't...
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 18:29.
Find Us