Windows 10: Intel Issues Updates to Protect Systems from Security Exploits

Page 3 of 13 FirstFirst 12345 ... LastLast

  1. Posts : 361
    Windows 10 Pro 1803 17134.48
       05 Jan 2018 #20

    Ga-z170x-ud5


    I just checked Gigabyte and there is a microcode update for my MB. Here is the title

    Intel Management Engine Interface
    (Note) Please update the latest BIOS for ME Firmware before installing this driver.
    Update Intel ME for security vulnerabilities
    OS: Windows 8.1 64bit,Windows 7 64bit,Windows 7 32bit,Windows 10 64bit

    This was issued on 11/30/2017
      My ComputersSystem Spec

  2.    05 Jan 2018 #21

    wordsworth said: View Post
    I understood the sequence of BIOS, driver, then the Asus utility, but I cannot find a utility driver for my system. I have updated the BIOS to 3504 but am still looking for this utility driver update before installing the Asus ME update. It appears to be the usual thing where Asus refers to Intel, and Intel to Asus. Call me still confused.
    Here is the link to Intel and the Management Engine Interface driver.
    Download Intel® Management Engine Consumer Driver for Intel® NUC Kit NUC5i3RY, NUC5i5RY, NUC5i7RY, NUC5i3MY
      My ComputersSystem Spec

  3.    06 Jan 2018 #22

    fireberd said: View Post
    I did come across that page while doing searches but I took it as the ME update for an Intel NUC. Asus has a lot of ME updates for their laptops but none specific for simply their motherboards like a Z170 Pro. Is this driver OK to use for this MB, is it the ME driver you installed? Still don't know what to install and the software to detect vulnerability says my system is so.

    Edit: From what I can see this ME driver is customized for each system by the motherboard manufacturers and is why I'm being careful about just what driver I install.
      My ComputerSystem Spec


  4. Posts : 20,251
    Win10 Pro, Win10 Pro N, Win10 Home, Win10 Pro Insider Fast Ring, Windows 8.1 Pro, Ubuntu
       06 Jan 2018 #23

    ME you get as a BIOS update as it is an operating system on the CPU.
    MEI or Management Engine Interface you get either through Windows Update(or update it if you already have it through Device Manager), or as a driver download from your PC(for laptops & off the shelf pre-built desktops) and motherboard OEM.
      My ComputersSystem Spec

  5.    06 Jan 2018 #24

    It’s totally confusing. Mine is an ASUS Z170 pro gaming on old 2015 BIOS 0802. Struggling to grasp exactly what is needed to be done. There are references to BIOS, references to management engine interface. I’ve seen that things need to be done in specific order somewhere too. I’m sure the average computer user has little chance of figuring this out. I don’t think I am prepared to mess about with things like the BIOS so Intel and MS really need to sort this out fully via a software/windows update full fix.

    I know it’s a different thing but there was a big fuss at start of 2016 over skylake and some kind of bug requiring an urgent microcode fix through BIOS updates from motherboard manufacturers. I never applied it choosing to stay with the BIOS shipped and my machine has never stuttered or had a problem because of this. I kind of wonder if the BIOS / interface updates maybe overkill for the average user
      My ComputerSystem Spec

  6.    06 Jan 2018 #25

    Hi,

    Struggling to grasp exactly what is needed to be done. There are references to BIOS, references to management engine interface.
    You need the appropiate firmware update for your cpu. Often OEMs then also update other parts of the UEFI/BIOS and package it as an executable that runs the flashing routine.
    But in essence the FW update of MEI suffices to resolve this vulnerability.
    As @Cliff S correctly explained updating drivers alone does nothing to resolve this vulnerability as the problem resides within the mini-OS that's running in a micro-processor inside Intel CPUs supporting MEI (and AMT for corporate systems)

    Cheers,
      My ComputersSystem Spec

  7.    06 Jan 2018 #26

    Cliff, I have the latest Windows Update on the system and yesterday updated the BIOS from the Asus site yet the detection software still says this system is vulnerable. I looked on the Asus Z170 Pro DVD that came with the mobo and find an MEI directory with KB hotfixes but these appear to apply to Windows 7 rather than 10.
      My ComputerSystem Spec

  8.    06 Jan 2018 #27

    Hi,
    @wordsworth :

    I looked on the Asus Z170 Pro DVD that came with the mobo and find an MEI directory with KB hotfixes but these appear to apply to Windows 7 rather than 10.
    See my posting just above yours. But keep in mind that only resolves the MEI vulnerability and not the CPU ones like Spectre and Meltdown.

    Cheers,
      My ComputersSystem Spec


  • Posts : 20,251
    Win10 Pro, Win10 Pro N, Win10 Home, Win10 Pro Insider Fast Ring, Windows 8.1 Pro, Ubuntu
       06 Jan 2018 #28

    wordsworth said: View Post
    Cliff, I have the latest Windows Update on the system and yesterday updated the BIOS from the Asus site yet the detection software still says this system is vulnerable. I looked on the Asus Z170 Pro DVD that came with the mobo and find an MEI directory with KB hotfixes but these appear to apply to Windows 7 rather than 10.
    You have already done what you can, updating to the new(Nan 2018?) BIOS and updating the Cumulative update(only if your AV has updated a fix, when using 3rd party solutions and not Defender).

    When I updated my BIOS two days ago, at first it said still not protected for the ME bug, but the next day I tried again and it then said it was

    For other members that use 3rd party AV solutions here, read this article: How to Check and Update Windows Systems for the Meltdown and Spectre CPU Flaws
    The whole mess with anti-virus programs
    Microsoft says that during tests, it detected some anti-virus programs causing BSOD crashes that prevented computers from booting after the installation of the Meltdown and Spectre patches.
    The company says it instructed anti-virus vendors to modify their products and create a registry key on customers' computers when they've confirmed or updated their products so not to crash Windows PCs post-Meltdown/Spectre updates.

    Microsoft says that currently, whenever users want to update Windows, its update system will check for that registry key on users' PCs.
    If the key exists, the Windows update process will believe the anti-virus software received an update to support the Meltdown and Spectre patches, and install the proper OS updates as well.
    This is where things get messy. Some AV companies have said they don't plan to create that registry key, some said they cannot "technically" create that key, while others will ship updates in the following days.
    This Google Docs file contains a list of the responses from some AV companies.
    In simple terms, most AV users will have to wait, as most AV companies have promised to update their products and automatically add the registry key.
    The simplest way to go about this is if you can go to the Windows Update section every day and press the "Check for updates" button and you'll receive the update after your AV product creates that registry key.
    If you're one of the unlucky souls whose AV company doesn't plan to add that registry key, this is a .reg file Bleeping Computer put together to automatically create the following registry key for you.
      My ComputersSystem Spec

  •    06 Jan 2018 #29

    Cliff S said: View Post
    You have already done what you can, updating to the new(Nan 2018?) BIOS and updating the Cumulative update(only if your AV has updated a fix, when using 3rd party solutions and not Defender).

    When I updated my BIOS two days ago, at first it said still not protected for the ME bug, but the next day I tried again and it then said it was
    Hmmm. I tried the detection tool again and it still says vulnerable. I have not though been successful installing the ME update Asus speaks of in their BIOS page and this because I cannot find this driver they refer to. I think I'm done for now though. This is what the page says at Asus:

    Version -2017/11/223.71 MBytesMEUpdateTool
    Intel has identified security issue that could potentially place impacted platform at risk. Use ME Update tool to update your ME.
    *We suggest you update ME Driver to the latest Version 11.7.0.1040 simultaneously.
    Please download the file and check the MD5 code first.
    MD5: 6d3df63d6fe7019f956e91aeb6bc9410"
      My ComputerSystem Spec


  •  
    Page 3 of 13 FirstFirst 12345 ... LastLast

    Related Threads
    Source: Ransomware 1H 2017 review: Global outbreaks reinforce the value of security hygiene Windows Security blog
    In today’s world, not everything is what it seems. A prime example would be yesterday’s headlines. What we do today about our Privacy and Security are more important than ever! This thread is for discussion of and learning about...
    To keep my long story short, there is a software programmer who knows me pretty well that he wants to hack (and will try to hack) my PC and steal my confidential data stored on my desktop PC. I have no any security solutions yet to protect my PC...
    Solved HP Protect Tools Security Manager in Software and Apps
    We have a HP 4540S pro book we are ready to upgrade to Windows 10 from Win 7 professional, however the install stops and says the protect tools has to be uninstalled manually so far we cannot uninstall it. We have tried to remove it in parts but...
    Read more: http://news.softpedia.com/news/security-flaws-found-in-google-chromecast-home-security-systems-smart-coffee-makers-495864.shtml#sgal_1
    Our Sites
    Site Links
    About Us
    Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

    © Designer Media Ltd
    All times are GMT -5. The time now is 05:36.
    Find Us