Intel Issues Updates to Protect Systems from Security Exploits

Page 3 of 13 FirstFirst 12345 ... LastLast

  1. Posts : 1,020
    Windows 10 Pro 20H2 19042.572
       #20

    Ga-z170x-ud5


    I just checked Gigabyte and there is a microcode update for my MB. Here is the title

    Intel Management Engine Interface
    (Note) Please update the latest BIOS for ME Firmware before installing this driver.
    Update Intel ME for security vulnerabilities
    OS: Windows 8.1 64bit,Windows 7 64bit,Windows 7 32bit,Windows 10 64bit

    This was issued on 11/30/2017
      My Computers


  2. Posts : 2,585
    Win 11
       #21

    wordsworth said:
    I understood the sequence of BIOS, driver, then the Asus utility, but I cannot find a utility driver for my system. I have updated the BIOS to 3504 but am still looking for this utility driver update before installing the Asus ME update. It appears to be the usual thing where Asus refers to Intel, and Intel to Asus. Call me still confused.
    Here is the link to Intel and the Management Engine Interface driver.
    Download Intel® Management Engine Consumer Driver for Intel® NUC Kit NUC5i3RY, NUC5i5RY, NUC5i7RY, NUC5i3MY
      My Computers


  3. Posts : 258
    Windows 11 Pro
       #22

    fireberd said:
    I did come across that page while doing searches but I took it as the ME update for an Intel NUC. Asus has a lot of ME updates for their laptops but none specific for simply their motherboards like a Z170 Pro. Is this driver OK to use for this MB, is it the ME driver you installed? Still don't know what to install and the software to detect vulnerability says my system is so.

    Edit: From what I can see this ME driver is customized for each system by the motherboard manufacturers and is why I'm being careful about just what driver I install.
      My Computers


  4. Posts : 27,164
    Win11 Pro, Win10 Pro N, Win10 Home, Windows 8.1 Pro, Ubuntu
       #23

    ME you get as a BIOS update as it is an operating system on the CPU.
    MEI or Management Engine Interface you get either through Windows Update(or update it if you already have it through Device Manager), or as a driver download from your PC(for laptops & off the shelf pre-built desktops) and motherboard OEM.
      My Computers


  5. Posts : 2,297
    Windows 10 Pro (64 bit)
       #24

    It’s totally confusing. Mine is an ASUS Z170 pro gaming on old 2015 BIOS 0802. Struggling to grasp exactly what is needed to be done. There are references to BIOS, references to management engine interface. I’ve seen that things need to be done in specific order somewhere too. I’m sure the average computer user has little chance of figuring this out. I don’t think I am prepared to mess about with things like the BIOS so Intel and MS really need to sort this out fully via a software/windows update full fix.

    I know it’s a different thing but there was a big fuss at start of 2016 over skylake and some kind of bug requiring an urgent microcode fix through BIOS updates from motherboard manufacturers. I never applied it choosing to stay with the BIOS shipped and my machine has never stuttered or had a problem because of this. I kind of wonder if the BIOS / interface updates maybe overkill for the average user
      My Computer


  6. Posts : 2,832
    Windows 10 Pro X64
       #25

    Hi,

    Struggling to grasp exactly what is needed to be done. There are references to BIOS, references to management engine interface.
    You need the appropiate firmware update for your cpu. Often OEMs then also update other parts of the UEFI/BIOS and package it as an executable that runs the flashing routine.
    But in essence the FW update of MEI suffices to resolve this vulnerability.
    As @Cliff S correctly explained updating drivers alone does nothing to resolve this vulnerability as the problem resides within the mini-OS that's running in a micro-processor inside Intel CPUs supporting MEI (and AMT for corporate systems)

    Cheers,
      My Computers


  7. Posts : 258
    Windows 11 Pro
       #26

    Cliff, I have the latest Windows Update on the system and yesterday updated the BIOS from the Asus site yet the detection software still says this system is vulnerable. I looked on the Asus Z170 Pro DVD that came with the mobo and find an MEI directory with KB hotfixes but these appear to apply to Windows 7 rather than 10.
      My Computers


  8. Posts : 2,832
    Windows 10 Pro X64
       #27

    Hi,
    @wordsworth :

    I looked on the Asus Z170 Pro DVD that came with the mobo and find an MEI directory with KB hotfixes but these appear to apply to Windows 7 rather than 10.
    See my posting just above yours. But keep in mind that only resolves the MEI vulnerability and not the CPU ones like Spectre and Meltdown.

    Cheers,
      My Computers


  9. Posts : 27,164
    Win11 Pro, Win10 Pro N, Win10 Home, Windows 8.1 Pro, Ubuntu
       #28

    wordsworth said:
    Cliff, I have the latest Windows Update on the system and yesterday updated the BIOS from the Asus site yet the detection software still says this system is vulnerable. I looked on the Asus Z170 Pro DVD that came with the mobo and find an MEI directory with KB hotfixes but these appear to apply to Windows 7 rather than 10.
    You have already done what you can, updating to the new(Nan 2018?) BIOS and updating the Cumulative update(only if your AV has updated a fix, when using 3rd party solutions and not Defender).

    When I updated my BIOS two days ago, at first it said still not protected for the ME bug, but the next day I tried again and it then said it was

    For other members that use 3rd party AV solutions here, read this article: How to Check and Update Windows Systems for the Meltdown and Spectre CPU Flaws
    The whole mess with anti-virus programs
    Microsoft says that during tests, it detected some anti-virus programs causing BSOD crashes that prevented computers from booting after the installation of the Meltdown and Spectre patches.
    The company says it instructed anti-virus vendors to modify their products and create a registry key on customers' computers when they've confirmed or updated their products so not to crash Windows PCs post-Meltdown/Spectre updates.

    Microsoft says that currently, whenever users want to update Windows, its update system will check for that registry key on users' PCs.
    If the key exists, the Windows update process will believe the anti-virus software received an update to support the Meltdown and Spectre patches, and install the proper OS updates as well.
    This is where things get messy. Some AV companies have said they don't plan to create that registry key, some said they cannot "technically" create that key, while others will ship updates in the following days.
    This Google Docs file contains a list of the responses from some AV companies.
    In simple terms, most AV users will have to wait, as most AV companies have promised to update their products and automatically add the registry key.
    The simplest way to go about this is if you can go to the Windows Update section every day and press the "Check for updates" button and you'll receive the update after your AV product creates that registry key.
    If you're one of the unlucky souls whose AV company doesn't plan to add that registry key, this is a .reg file Bleeping Computer put together to automatically create the following registry key for you.
      My Computers


  10. Posts : 258
    Windows 11 Pro
       #29

    Cliff S said:
    You have already done what you can, updating to the new(Nan 2018?) BIOS and updating the Cumulative update(only if your AV has updated a fix, when using 3rd party solutions and not Defender).

    When I updated my BIOS two days ago, at first it said still not protected for the ME bug, but the next day I tried again and it then said it was
    Hmmm. I tried the detection tool again and it still says vulnerable. I have not though been successful installing the ME update Asus speaks of in their BIOS page and this because I cannot find this driver they refer to. I think I'm done for now though. This is what the page says at Asus:

    Version -2017/11/223.71 MBytesMEUpdateTool
    Intel has identified security issue that could potentially place impacted platform at risk. Use ME Update tool to update your ME.
    *We suggest you update ME Driver to the latest Version 11.7.0.1040 simultaneously.
    Please download the file and check the MD5 code first.
    MD5: 6d3df63d6fe7019f956e91aeb6bc9410"
      My Computers


 

  Related Discussions
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

© Designer Media Ltd
All times are GMT -5. The time now is 18:49.
Find Us




Windows 10 Forums