Flaws found in Intel Management Engine (ME), TXE and SPS

Page 1 of 20 12311 ... LastLast
  1. Brink's Avatar
    Posts : 35,254
    64-bit Windows 10 Pro build 18317
       21 Nov 2017 #1

    Flaws found in Intel Management Engine (ME), TXE and SPS

    Thanks to an investigation by third-party researchers into Intel's hidden firmware in certain chips, Intel decided to audit its firmware and on Monday confirmed it had found 11 severe bugs that affect millions of computers and servers.

    The flaws affect Management Engine (ME), Trusted Execution Engine (TXE), and Server Platform Services (SPS).

    Intel discovered the bugs after Maxim Goryachy and Mark Ermolov from security firm Positive Technologies found a critical vulnerability in the ME firmware that Intel now says would allow an attacker with local access to execute arbitrary code.

    The researchers in August published details about a secret avenue that the US government can use to disable ME, which is not available to the public.

    Intel ME has been a source of concern for security-minded users, in part because only Intel can inspect the firmware, yet many researchers suspected the powerful subsystem had bugs that were ripe for abuse by attackers...

    ...To help users address the current batch of bugs, Intel has released a detection tool for Windows and Linux systems, which displays a risk assessment of the system. Intel says the bugs may affect PCs, servers, and IoT platforms.

    The bugs affect systems using Intel's 6th, 7th, and 8th Generation Core CPUs, a range of Xeon processors, as well the Apollo Lab Atom E3900 series, Apollo Lake Pentium, and Celeron N and J series chips.

    Intel says the flaws would allow an attacker to "Impersonate the ME/SPS/TXE, thereby impacting local security feature attestation validity".

    The attacker could also load and execute arbitrary code that would be invisible to the user and operating system...

    Read more: Intel: We've found severe bugs in secretive Management Engine, affecting millions | ZDNet

    See also: Intel Product Security Center
    Last edited by Brink; 3 Weeks Ago at 09:53.
      My ComputersSystem Spec

  2.    21 Nov 2017 #1

    Thanks Brink for the heads up i ran the tool all good here :) question i assume it's a stand alone and i can just delete it ?
      My ComputerSystem Spec

  3. Brink's Avatar
    Posts : 35,254
    64-bit Windows 10 Pro build 18317
    Thread Starter
       21 Nov 2017 #2

    Yep, the tool is a standalone that can just be deleted when done with it. :)

    My report:

    Click image for larger version. 

Name:	Tool.png 
Views:	482 
Size:	43.4 KB 
ID:	164973
      My ComputersSystem Spec

  4.    21 Nov 2017 #3

    Here is mine as well looks good.

    Click image for larger version. 

Name:	Untitled.png 
Views:	479 
Size:	125.7 KB 
ID:	164975
      My ComputerSystem Spec

  5. Posts : 773
    Windows 10 Pro 64bit 1809 17763.253
       21 Nov 2017 #4

    Vulnerable here reported by Intels test tool, now just to wait for Asus to get a fix out for my Intel I7 G11CD system
    Attached Thumbnails Attached Thumbnails Intel Test.jpg  
      My ComputersSystem Spec

  6. Posts : 773
    Windows 10 Pro 64bit 1809 17763.253
       21 Nov 2017 #5

    Heres mine, doesn't look good, vulnerable--Now to wait on Asus for a fix!
    Attached Thumbnails Attached Thumbnails Intel Test.jpg  
      My ComputersSystem Spec

  7.    21 Nov 2017 #6


    Fixed last night by a bios flash. Flashed the TPM module as well for the Kaby Lake MB.
    Still no flash for the Sky Lake available though.

      My ComputersSystem Spec

  8. Posts : 773
    Windows 10 Pro 64bit 1809 17763.253
       21 Nov 2017 #7

    Checked for bios update for mine already, nothing list on Asus site, so guess waiting stage for myself lol
      My ComputersSystem Spec

  9.    21 Nov 2017 #8

    Mine showing vulnerable as well. Loaded newer bios to second bios chip but it has same ME FW on it and also vulnerable. Just have to wait for an update.
      My ComputerSystem Spec

  10. Posts : 583
    Windows 10 Pro 64bit; Windows 10 TP; KDE Neon
       21 Nov 2017 #9


    This does not affect my system, as can be seen here, however I'd like to ask the more knowledgeable users:

    - Is it true that under Windows 10 Pro one can escape this vulnerability after enabling Hyper-V in Windows features? Perhaps due to this?

    Personally, I have Virtualization disabled in my BIOS, because it might destabilize my overclock, and because I never use it, and additionally this vulnerability does not affect me, but I'm just curious...

    Thank you.
      My ComputerSystem Spec

Page 1 of 20 12311 ... LastLast

Related Threads
Researchers say Intel's Management Engine feature can be switched off | ZDNet
Hello as Question title says. I'm having difficulty finding the drivers on the Intel website Support and Drivers menu. Drivers needed: Intel Chipset & Intel Management Engine Im using a Z170 motherboard with an I7 6700K. OS Windows 10 64Bit...
Intel Management Engine in Drivers and Hardware
What is Intel Management Engine Components. I have a Dell Precision Tower 7910 and Laptop Precision 7710. they have the Intel Management Engine Components installed. I am running Win 10. I am not on a corporate network. The Intel Management...
I can't seem to find this in the Intel Download Center anywhere. I have an Alienware M14X R1, and the IMEI driver listed on Dell's support website for my model is several years old and severely out of date. Windows Update doesn't seem to have it...
Intel Management Engine Interface (MEI) Version WHQL Download: http://www.station-drivers.com/index.php?option=com_remository&Itemid=352&func=fileinfo&id=1723&lang=en
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 17:55.
Find Us