Acer, Dell, Fujitsu, HP, Lenovo, Panasonic Impacted by Intel ME Security Bugs (Over 900 models affec

LASER_oneXM

Level 37
Thread author
Verified
Top Poster
Well-known
Feb 4, 2016
2,520
...more infomation about this bug (on malwaretips.com):
Intel Fixes Critical Bugs in Management Engine (affecting 6th, 7th, 8th Generation Core™ CPUs)

Acer, Dell, Fujitsu, HP, Lenovo, and Panasonic have officially confirmed that products incorporating Intel chipsets are affected by eight security flaws that allow hackers to take over devices.

Intel published details about these flaws in a security advisory, on Monday. The eight bugs affected core Intel CPU technologies such as the Intel Management Engine (ME), Intel Server Platform Services (SPS), and Intel Trusted Execution Engine (TXE).

Intel had deployed these technologies in Intel products such as:

6th, 7th & 8th Generation Intel® Core™ Processor Family
Intel® Xeon® Processor E3-1200 v5 & v6 Product Family
Intel® Xeon® Processor Scalable Family
Intel® Xeon® Processor W Family
Intel® Atom® C3000 Processor Family
Apollo Lake Intel® Atom Processor E3900 series
Apollo Lake Intel® Pentium™
Celeron™ N and J series Processors

Only the products using the following firmware versions were affected:

ME firmware versions 11.0/11.5/11.6/11.7/11.10/11.20
SPS Firmware version 4.0
TXE version 3.0

Many PC and notebook vendors incorporated these CPUs running vulnerable firmware versions in server, desktop, and notebook models they sold to users across the world.


At the time Intel published its advisory, it was not clear what vendors deployed the vulnerable firmware versions with Intel-based desktops and laptops.

Over 900 of PC and laptop models affected

As the week progressed, new information has come to light. The following vendors have published lists of products that use Intel products running a vulnerable firmware.



Vendor
Number of models Patches
Acer 242 No
Dell 214 No
Dell Server 16 No
Fujitsu (PDF) 165 No
HPE Server No clear number For some
Intel 34 No
Lenovo 222 For some
Panasonic 12 No
Not all vendors have released patches, and users should revisit those pages to download firmware updates for their devices when available.

If you don't spot the server, desktop, or laptop vendor and model in these pages, Intel has also released a Windows and Linux tool that scans the user's PC and tells him if he's impacted by the recently disclosed bugs. On Windows, users should run the Intel-SA-00086-GUI.exe file to view scan results (image below).

IntelDetectionTool.png
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top