Management Engine Critical Firmware Update (Intel-SA-00086)

[Vasudev]

Any issues with Win10 FCU, UEFI or ThrottleStop that I should know of?

Mine will get a fix on 14 jan or 31 jan.
Issues with EFI BIOS should be handled by Asus/Intel.
I'm on earlier W10 Creators update and didn't like FCU. RS4 is pretty much similar too and needs an SSD for best performance because on HDD its slow as hell.
I'm staying on Creators update until its EOL or any new version which impresses me comes out.

 

[HarborFront]

Ok, just check and my Surface device is not vulnerable

 

[brambedkar59]

Issues with EFI BIOS should be handled by Asus/Intel.

I should have phrased that correctly. I meant any compatibility issues between VMware CPU microcode updater tool and FCU or ThrottleStop.

 

[Andrew999]

Mine is Vulnerable. I am using a Gigabyte Model so I do not know when it will be fixed, does anyone have any idea?

 

[brambedkar59]

Mine is Vulnerable. I am using a Gigabyte Model so I do not know when it will be fixed, does anyone have any idea?

Did you checked the link given in the thread for Gigabyte?

 

[Andrew999]

Did you checked the link given in the thread for Gigabyte?

I do not understand it. I can not see any clear links on how to download.

 

[Vasudev]

I should have phrased that correctly. I meant any compatibility issues between VMware CPU microcode updater tool and FCU or ThrottleStop.

No issues at all.
@Andrew999
Best Option is to run MEInfo from Win-raid and see if MEFW Local Update is enabled or disabled. If its enabled, then you can flash any gigabyte's MEI FW w/o any issue.

 

[Faybert]

Lista de procesadores Intel vulnerables a Meltdown y Spectre

 

[IceLion36]

Yeah you're affected by SA00088. First option is to update W10/8.1/7 to latest build.
The microcode is being worked on by intel and isn't released publicly.
You can see the link stating intel-microcode (3.20171215.1) as unstable and isn't tested extensively and even Intel website has older version.
If your OEM doesn't update microcode, you can use VMware CPU microcode updater tool to manually patch ucode that is semi-permanent meaning when you clean install OS it will be removed. But it should fix the security issue by booting the new uCode on every W10 boot process.
I will update the tool once new uCodes are out. I will notify you once the OP update the links. [WARNING] Intel Skylake/Kaby Lake processors: Broken HT on Laptops & PC [Fix is here]

Intel security tool SA00086 says that my system has already been patched.
My motherboard is an Asus ROG Maximus IX Formula, so I think that SA00088 will be patched officially.
I'm a bit confused. The (official) patch for CPU's microcode needs to be updated via software update or BIOS Update?

 

[Vasudev]

Intel security tool SA00086 says that my system has already been patched.
My motherboard is an Asus ROG Maximus IX Formula, so I think that SA00088 will be patched officially.
I'm a bit confused. The (official) patch for CPU's microcode needs to be updated via software update or BIOS Update?

Normally OS must ship with an update cpu_mc_update file that can keep most PCs updated. The patch is at OS level only.
For more thorough patching, the BIOS ROM must include the microcode file and other stuffs like GOP,RAID,Network Boot ROM, enable/disabling CPU features etc..
Don't worry you will get the new BIOS with updated microcode.

 

[HarborFront]

Oooops.....my MS SP4 has Intel Management Engine v11.7.4.3330 and the detection tool says my system is vulnerable.

My MS SP3 is ok as its Intel Management Engine is v9.5.30.1808

Both have been updated to the latest and same firmware

 

[Iapepe]

I just checked and my Dell laptop is not vulnerable.
Thanks for sharing, BoraMurdar.