|
Your donations keep RPGWatch running!
Intel's Management Engine vulnerability
December 5th, 2017, 01:44
https://wccftech.com/pc-makers-intel-me-disabled/
https://downloadcenter.intel.com/download/27150
If you're in clear, you'll see something like this (GUI version):
If it says your rig is vulnerable, tough luck - you'll have to wait for a firmware that disables ME. But at least you'll be aware of a "ticking bomb".
Intel has long been at the center of a controversy surrounding its Management Engine. The company recently issued a security advisory admitting that it has discovered several security vulnerabilities in its in-chip program. While the company also released firmware updates that purportedly fix those issues, some of the hardware vendors have started to offer computers with disabled ME.You may check if your system is vulnerable easily as Intel made a tool (linux and windows):
https://downloadcenter.intel.com/download/27150
If you're in clear, you'll see something like this (GUI version):
If it says your rig is vulnerable, tough luck - you'll have to wait for a firmware that disables ME. But at least you'll be aware of a "ticking bomb".
--
Toka Koka
Toka Koka
The Smoker
Original Sin 1 & 2 Donor
December 5th, 2017, 15:02
I'm confused. Who is vulnerable ? This tool claims my i2500K is not vulnerable.
anyway i always thought this intel tool was a stupid idea prime for future shit.
anyway i always thought this intel tool was a stupid idea prime for future shit.
Lazy_dog
RPGWatch Donor
Original Sin 2 Donor
Original Sin 2 Donor
December 5th, 2017, 15:19
Don't ask me. I ran Intel's tool to check my junk, when it said I'm safe I just couldn't bother to read any details.
But anyway:
https://wccftech.com/intel-chip-flaws-security-risk/
My i5-4670K is 4th gen.
But I know people here bought some recent i7s… Or even i9s…
But anyway:
https://wccftech.com/intel-chip-flaws-security-risk/
Intel hasn’t disclosed the details of these vulnerabilities considering their high severity. Intel said that systems*using ME Firmware versions 11.0/11.5/11.6/11.7/11.10/11.20, SPS Firmware version 4.0, and TXE version 3.0 are impacted.Your i5-2500K is 2nd gen.
Affected products include:
6th, 7th & 8th Generation Intel® Core™ Processor Family
Intel® Xeon® Processor E3-1200 v5 & v6 Product Family
Intel® Xeon® Processor Scalable Family
Intel®*Xeon®*Processor W*Family
Intel® Atom® C3000 Processor Family
Apollo Lake Intel® Atom Processor E3900 series
Apollo Lake Intel® Pentium™
Celeron™*N and J series Processors
My i5-4670K is 4th gen.
But I know people here bought some recent i7s… Or even i9s…
--
Toka Koka
Toka Koka
The Smoker
Original Sin 1 & 2 Donor
December 5th, 2017, 16:13
I have a couple of old Core Duo machines. I will have to check and see.
Sentinel
December 5th, 2017, 16:32
If you can, I'd recommend crippling the ME altogether, from a security point of view. It's absolutely crazy - a blackbox mini OS always running in the background, with full access to all resources, and no way to know what it's doing. You could have the most secure OS ever devised, and the ME could still compromise you.
--
"I cannot define the real problem, therefore I suspect there's no real problem, but I'm not sure there's no real problem."
Richard Feynman
"I cannot define the real problem, therefore I suspect there's no real problem, but I'm not sure there's no real problem."
Richard Feynman
Бажаю успіху
December 5th, 2017, 18:49
use the utility at Intel to determine if you are vulnerable
Then if you are, you will need to flash your BIOS from an update at your manufacturers website - that's if you haven't built your own machine.
DELL doesn't list any Inspiron even Intel said it was vulnerable. My buddy at Intel told me to use a generic one from Dell that targets my version.
Then if you are, you will need to flash your BIOS from an update at your manufacturers website - that's if you haven't built your own machine.
DELL doesn't list any Inspiron even Intel said it was vulnerable. My buddy at Intel told me to use a generic one from Dell that targets my version.
--
Developer of The Wizard's Grave Android game. Discussion Thread:
http://www.rpgwatch.com/forums/showthread.php?t=22520
Developer of The Wizard's Grave Android game. Discussion Thread:
http://www.rpgwatch.com/forums/showthread.php?t=22520
Daywatch
December 5th, 2017, 18:58
Still weird I have a haswell refresh but that is 5th generation. So just the recent shit skylake+. Anyway… thanks.
the other vulnerability that worries me are the motherboards that allow remote flashing.
the other vulnerability that worries me are the motherboards that allow remote flashing.
Originally Posted by joxer
Don't ask me. I ran Intel's tool to check my junk, when it said I'm safe I just couldn't bother to read any details.
But anyway:
https://wccftech.com/intel-chip-flaws-security-risk/
Your i5-2500K is 2nd gen.
My i5-4670K is 4th gen.
But I know people here bought some recent i7s… Or even i9s…
Lazy_dog
RPGWatch Donor
Original Sin 2 Donor
Original Sin 2 Donor
December 16th, 2017, 18:57
The ME made me seriously worried. I might not even get an Intel PC at this point (I'm still negotiating the specs of my new PC).
Right now I'm more inclined to return to an AMD-based PC now.
Right now I'm more inclined to return to an AMD-based PC now.
--
"Any intelligent fool can make things bigger, more complex, and more violent. It takes a touch of genius and a lot of courage to move in the opposite direction." (E.F.Schumacher, Economist, Source)
"Any intelligent fool can make things bigger, more complex, and more violent. It takes a touch of genius and a lot of courage to move in the opposite direction." (E.F.Schumacher, Economist, Source)
TL;DR
Original Sin 1 & 2 Donor
December 16th, 2017, 19:53
Originally Posted by Alrik FassbauerBear in mind that AMD have their equivalent of Intel's ME. I don't know they have any published vulnerabilities, but it's more or less the same kind of silly system. Pretty much all modern PCs have these supervisor chips, and at least some of the Intel ones can be disabled.
The ME made me seriously worried. I might not even get an Intel PC at this point (I'm still negotiating the specs of my new PC).
Right now I'm more inclined to return to an AMD-based PC now.
--
"I cannot define the real problem, therefore I suspect there's no real problem, but I'm not sure there's no real problem."
Richard Feynman
"I cannot define the real problem, therefore I suspect there's no real problem, but I'm not sure there's no real problem."
Richard Feynman
Бажаю успіху
December 17th, 2017, 04:09
Oops, mine says it's vulnerable, but I'm not sure what I'm supposed to download. According to the scan I have a MSI board, model MS-7A72. I couldn't find anything on that at MSI's site.
--
c-computer, r-role, p-playing, g-game, nut-extreme fan
=crpgnut or just
'nut @crpgnut
aka survivalnut
c-computer, r-role, p-playing, g-game, nut-extreme fan
=crpgnut or just
'nut @crpgnut
aka survivalnut
Survival Game Nut
RPGWatch Donor
Original Sin Donor
Original Sin Donor
December 17th, 2017, 05:46
I forgot about this. Not sure I will update my Core Duo machines because I'm too lazy.
Sentinel
December 18th, 2017, 20:42
Originally Posted by RipperYes, but to me it sounded as if ME was a whole sub-system …
Bear in mind that AMD have their equivalent of Intel's ME. I don't know they have any published vulnerabilities, but it's more or less the same kind of silly system. Pretty much all modern PCs have these supervisor chips, and at least some of the Intel ones can be disabled.
--
"Any intelligent fool can make things bigger, more complex, and more violent. It takes a touch of genius and a lot of courage to move in the opposite direction." (E.F.Schumacher, Economist, Source)
"Any intelligent fool can make things bigger, more complex, and more violent. It takes a touch of genius and a lot of courage to move in the opposite direction." (E.F.Schumacher, Economist, Source)
TL;DR
Original Sin 1 & 2 Donor
|
|
All times are GMT +2. The time now is 06:52.