Just another reason to Disable the Intel ME:
  1 / 2    
[url=https://finance.yahoo.com/m/a73f9f98-fefe-3542-b49b-612531bc29ce/ss_intel%3a-we%27ve-found-severe.html]Severe Security Flaws[/url] in the Intel ME. Keep in mind, they have to have Local Access. But I believe it is just a matter of time before they find this is not the case and its broader. :) .
Severe Security Flaws in the Intel ME.

Keep in mind, they have to have Local Access. But I believe it is just a matter of time before they find this is not the case and its broader. :)


.

My Opinion is no more important or right than yours. But if your using the LATEST drivers, go back to the prior set.

Piss Poor tech support blame all issues on drivers and assumes that your an idiot. Find a set that you know worked and see if the problem exists still.

""Don't f with it if it ain't broken!""
Constantly updating drivers is a good way to F'up the whole system.

If the driver has an issue, don't be a fool, remove it.

Just because you can, does not mean you should.

#1
Posted 11/22/2017 05:52 PM   
November 21, 2017 Intel Patches CPU Bugs Impacting Millions of PCs, Servers | Threatpost | The first stop for security news [url]https://threatpost.com/intel-patches-cpu-bugs-impacting-millions-of-pcs-servers/128962/[/url]
November 21, 2017
Intel Patches CPU Bugs Impacting Millions of PCs, Servers | Threatpost | The first stop for security news
https://threatpost.com/intel-patches-cpu-bugs-impacting-millions-of-pcs-servers/128962/

linuxmint-18.3-mate-64bit, *4.15.18-041518-generic, *4.15.18-041518-lowlatency *XG-C100C (*PnP) *2018-01 C.U. for Win 10 1709 x64 (KB4056892), 600084f | (EOL)SABERTOOTH 990FX R2.0 (UEFI 2901, 2016/08/05), FX-8370 (Wraith) fam15h, details, 600084f, CSM-->UEFI and **Legacy OpROM (**allows for the custom partitioning of SSDs & HDDs that will also work intact with up-to-date Vishera-capable PC-BIOS-based motherboards), no 'Secure' Boot or HPET | IOMMU Enabled (64-bit) | KVR16E11K4/32 (MBECI-0006) | STRIX-GTX960-DC2OC-4GD5 (nVidia 384.130). Resume from S3 works correctly in all regards. Hibernate does not. | GL2450HM, DVIDDMM10, ARMUNONB | 220-G2-0850-XR | GH22LP20 (LightScribe), USB2SATAIDE (JM20337) | DRW-24B1ST | PEXMSATA3422 (FW: 2.3.0.1065) with 2 x SMS200S3/120G in RAID 0 and 2 x ST3000DM001 in RAID 0 | 1 x SUV400S37240G, 1 x ST6000DM001, 1 x ST2000DM001 [Win 10 Pro 1709 x64] (SB950) | 1 x SUV400S37240G, 1 x ST6000DM001 (ASM1062) | JMS561-based S252BU33R (FW: 101.01.01.09, incompatible with the ASM1042A in all modes) with 2 x ST2000LM003 (RAID0), JU-P40511-S1 (uPD720201), JU-H40711-S1 (VIA VL811+) | CM 690 II Advanced, 2 x HP-12 PWMs, 6 x HP-14 PWMs, 1 x FAN7X10TX3 (via a 70mm to 80mm AM2 CPU cooler bracket) | ST0026Z | PCE-AC55BT (Intel 7260) PnP, no suspend issues with or without ErP | Y-BF37 (Sleep key), SM50F76959

#2
Posted 11/22/2017 06:00 PM   
. :) [quote]If the INTEL-SA-00086 Detection Tool reported your system being vulnerable, please check with your system manufacturer for updated firmware.[/quote] Which Means, Millions will not get a fix as this will be updated via a MOTHERBOARD | System manufacturer ME Firmware update. Its one thing to find the problem, another to get user Awareness of the problem, and another to get multiple manufactures spanning millions of devices to each issue their own FIX for those items. .
.

:)

If the INTEL-SA-00086 Detection Tool reported your system being vulnerable, please check with your system manufacturer for updated firmware.
Which Means, Millions will not get a fix as this will be updated via a MOTHERBOARD | System manufacturer ME Firmware update.

Its one thing to find the problem, another to get user Awareness of the problem, and another to get multiple manufactures spanning millions of devices to each issue their own FIX for those items.


.

My Opinion is no more important or right than yours. But if your using the LATEST drivers, go back to the prior set.

Piss Poor tech support blame all issues on drivers and assumes that your an idiot. Find a set that you know worked and see if the problem exists still.

""Don't f with it if it ain't broken!""
Constantly updating drivers is a good way to F'up the whole system.

If the driver has an issue, don't be a fool, remove it.

Just because you can, does not mean you should.

#3
Posted 11/22/2017 06:07 PM   
19 October 2017 Purism Now Shipping Their Laptops With Intel ME Disabled - Phoronix [url]https://www.phoronix.com/scan.php?page=news_item&px=Librem-Laptops-ME-Disabled[/url]
19 October 2017
Purism Now Shipping Their Laptops With Intel ME Disabled - Phoronix
https://www.phoronix.com/scan.php?page=news_item&px=Librem-Laptops-ME-Disabled

linuxmint-18.3-mate-64bit, *4.15.18-041518-generic, *4.15.18-041518-lowlatency *XG-C100C (*PnP) *2018-01 C.U. for Win 10 1709 x64 (KB4056892), 600084f | (EOL)SABERTOOTH 990FX R2.0 (UEFI 2901, 2016/08/05), FX-8370 (Wraith) fam15h, details, 600084f, CSM-->UEFI and **Legacy OpROM (**allows for the custom partitioning of SSDs & HDDs that will also work intact with up-to-date Vishera-capable PC-BIOS-based motherboards), no 'Secure' Boot or HPET | IOMMU Enabled (64-bit) | KVR16E11K4/32 (MBECI-0006) | STRIX-GTX960-DC2OC-4GD5 (nVidia 384.130). Resume from S3 works correctly in all regards. Hibernate does not. | GL2450HM, DVIDDMM10, ARMUNONB | 220-G2-0850-XR | GH22LP20 (LightScribe), USB2SATAIDE (JM20337) | DRW-24B1ST | PEXMSATA3422 (FW: 2.3.0.1065) with 2 x SMS200S3/120G in RAID 0 and 2 x ST3000DM001 in RAID 0 | 1 x SUV400S37240G, 1 x ST6000DM001, 1 x ST2000DM001 [Win 10 Pro 1709 x64] (SB950) | 1 x SUV400S37240G, 1 x ST6000DM001 (ASM1062) | JMS561-based S252BU33R (FW: 101.01.01.09, incompatible with the ASM1042A in all modes) with 2 x ST2000LM003 (RAID0), JU-P40511-S1 (uPD720201), JU-H40711-S1 (VIA VL811+) | CM 690 II Advanced, 2 x HP-12 PWMs, 6 x HP-14 PWMs, 1 x FAN7X10TX3 (via a 70mm to 80mm AM2 CPU cooler bracket) | ST0026Z | PCE-AC55BT (Intel 7260) PnP, no suspend issues with or without ErP | Y-BF37 (Sleep key), SM50F76959

#4
Posted 11/22/2017 06:18 PM   
Owners of older Intel machines whose ME & AMT can no longer be patched may react to the above revelations by thinking that it's time to switch to a recent AMD platform. Anyone who is considering such an investment might want to read and do some research into the following: [i]"...The technologies in question are the Intel Management Engine (ME) and the AMD Platform Security Processor (PSP). Both serve effectively the same purpose; to ensure that the physical owner of the machine never has full control of said machine. These technologies, in turn, are used to implement various forms of remote control and Digital Rights Management (DRM) technologies..."[/i] Apr 4 17:06:23 CEST 2016 Uncorrectable freedom and security issues on x86 platforms [url]http://mail.fsfeurope.org/pipermail/discussion/2016-April/010912.html[/url] (Page 8) [i]"...PLATFORM SECURITY PROCESSOR..."[/i] UEFI_PlugFest_AMD_Security_and_Server_innovation_AMD_March_2013.pdf [url]http://www.uefi.org/sites/default/files/resources/UEFI_PlugFest_AMD_Security_and_Server_innovation_AMD_March_2013.pdf[/url] AMD Secure Processor (Built-in technology) [url]https://www.amd.com/en-us/innovations/software-technologies/security[/url] Petition · Advanced Micro Devices - AMD: Release the source code for the secure processor (PSP) · Change.org [url]https://www.change.org/p/advanced-micro-devices-amd-release-the-source-code-for-the-secure-processor-psp[/url] UPDATES: (No confirmation from AMD yet) [i]"With the latest AGESA update for Ryzen-based systems, AMD is reportedly allowing the Platform Security Processor (PSP) to be disabled. The AMD PSP akin to Intel's Management Engine..."[/i] 7 December 2017 AMD Reportedly Allows Disabling PSP Secure Processor With Latest AGESA - Phoronix [url]https://www.phoronix.com/scan.php?page=news_item&px=AMD-PSP-Disable-Option[/url] [i]"...AMD's Secure Processor / Platform Security Processor (PSP) that is akin to Intel's Management Engine (ME) is reportedly vulnerable to remote code execution..."[/i] 5 January 2018 at 03:47 PM EST AMD PSP Affected By Remote Code Execution Vulnerability - Phoronix [url]https://www.phoronix.com/scan.php?page=news_item&px=AMD-PSP-2018-Vulnerability[/url] -- AFAIK the only auditable computing platform that isn't completely out-of-reach is this one: Raptor Engineering::Talos™ II Secure Workstation [url]https://www.raptorcs.com/TALOSII/[/url] The above workstation won't be running Windows. Microsoft PowerPoint - HC28.POWER9-Thompto-IBM-final.pptx - HC28.23.921-.POWER9-Thompto-IBM-final.pdf [url]https://www.hotchips.org/wp-content/uploads/hc_archives/hc28/HC28.23-Tuesday-Epub/HC28.23.90-High-Perform-Epub/HC28.23.921-.POWER9-Thompto-IBM-final.pdf[/url]
Owners of older Intel machines whose ME & AMT can no longer be patched may react to the above revelations by thinking that it's time to switch to a recent AMD platform. Anyone who is considering such an investment might want to read and do some research into the following:

"...The technologies in question are the Intel Management Engine (ME) and the AMD Platform Security Processor (PSP). Both serve effectively the same purpose; to ensure that the physical owner of the machine never has full control of said machine. These technologies, in turn, are used to implement various forms of remote control and Digital Rights Management (DRM) technologies..."

Apr 4 17:06:23 CEST 2016
Uncorrectable freedom and security issues on x86 platforms
http://mail.fsfeurope.org/pipermail/discussion/2016-April/010912.html

(Page 8) "...PLATFORM SECURITY PROCESSOR..."

UEFI_PlugFest_AMD_Security_and_Server_innovation_AMD_March_2013.pdf
http://www.uefi.org/sites/default/files/resources/UEFI_PlugFest_AMD_Security_and_Server_innovation_AMD_March_2013.pdf

AMD Secure Processor (Built-in technology)
https://www.amd.com/en-us/innovations/software-technologies/security

Petition · Advanced Micro Devices - AMD: Release the source code for the secure processor (PSP) · Change.org
https://www.change.org/p/advanced-micro-devices-amd-release-the-source-code-for-the-secure-processor-psp

UPDATES:

(No confirmation from AMD yet)

"With the latest AGESA update for Ryzen-based systems, AMD is reportedly allowing the Platform Security Processor (PSP) to be disabled. The AMD PSP akin to Intel's Management Engine..."

7 December 2017
AMD Reportedly Allows Disabling PSP Secure Processor With Latest AGESA - Phoronix
https://www.phoronix.com/scan.php?page=news_item&px=AMD-PSP-Disable-Option

"...AMD's Secure Processor / Platform Security Processor (PSP) that is akin to Intel's Management Engine (ME) is reportedly vulnerable to remote code execution..."

5 January 2018 at 03:47 PM EST
AMD PSP Affected By Remote Code Execution Vulnerability - Phoronix
https://www.phoronix.com/scan.php?page=news_item&px=AMD-PSP-2018-Vulnerability

--

AFAIK the only auditable computing platform that isn't completely out-of-reach is this one:

Raptor Engineering::Talos™ II Secure Workstation
https://www.raptorcs.com/TALOSII/

The above workstation won't be running Windows.

Microsoft PowerPoint - HC28.POWER9-Thompto-IBM-final.pptx - HC28.23.921-.POWER9-Thompto-IBM-final.pdf
https://www.hotchips.org/wp-content/uploads/hc_archives/hc28/HC28.23-Tuesday-Epub/HC28.23.90-High-Perform-Epub/HC28.23.921-.POWER9-Thompto-IBM-final.pdf

linuxmint-18.3-mate-64bit, *4.15.18-041518-generic, *4.15.18-041518-lowlatency *XG-C100C (*PnP) *2018-01 C.U. for Win 10 1709 x64 (KB4056892), 600084f | (EOL)SABERTOOTH 990FX R2.0 (UEFI 2901, 2016/08/05), FX-8370 (Wraith) fam15h, details, 600084f, CSM-->UEFI and **Legacy OpROM (**allows for the custom partitioning of SSDs & HDDs that will also work intact with up-to-date Vishera-capable PC-BIOS-based motherboards), no 'Secure' Boot or HPET | IOMMU Enabled (64-bit) | KVR16E11K4/32 (MBECI-0006) | STRIX-GTX960-DC2OC-4GD5 (nVidia 384.130). Resume from S3 works correctly in all regards. Hibernate does not. | GL2450HM, DVIDDMM10, ARMUNONB | 220-G2-0850-XR | GH22LP20 (LightScribe), USB2SATAIDE (JM20337) | DRW-24B1ST | PEXMSATA3422 (FW: 2.3.0.1065) with 2 x SMS200S3/120G in RAID 0 and 2 x ST3000DM001 in RAID 0 | 1 x SUV400S37240G, 1 x ST6000DM001, 1 x ST2000DM001 [Win 10 Pro 1709 x64] (SB950) | 1 x SUV400S37240G, 1 x ST6000DM001 (ASM1062) | JMS561-based S252BU33R (FW: 101.01.01.09, incompatible with the ASM1042A in all modes) with 2 x ST2000LM003 (RAID0), JU-P40511-S1 (uPD720201), JU-H40711-S1 (VIA VL811+) | CM 690 II Advanced, 2 x HP-12 PWMs, 6 x HP-14 PWMs, 1 x FAN7X10TX3 (via a 70mm to 80mm AM2 CPU cooler bracket) | ST0026Z | PCE-AC55BT (Intel 7260) PnP, no suspend issues with or without ErP | Y-BF37 (Sleep key), SM50F76959

#5
Posted 11/22/2017 07:01 PM   
. Nice. .
.

Nice.


.

My Opinion is no more important or right than yours. But if your using the LATEST drivers, go back to the prior set.

Piss Poor tech support blame all issues on drivers and assumes that your an idiot. Find a set that you know worked and see if the problem exists still.

""Don't f with it if it ain't broken!""
Constantly updating drivers is a good way to F'up the whole system.

If the driver has an issue, don't be a fool, remove it.

Just because you can, does not mean you should.

#6
Posted 11/23/2017 01:34 AM   
[i]"...Most systems with Intel ME are impacted, but if in doubt, there is a new binary utility from Intel for both Windows and Linux to check your system's state..."[/i] 23 November 2017 Intel Releases Linux-Compatible Tool For Confirming ME Vulnerabilities - Phoronix [url]https://www.phoronix.com/scan.php?page=news_item&px=Intel-ME-Linux-Vuln-Checker[/url] -- Acer: Support Information Dell Client: Support Information Dell Server: Support Information Fujitsu: Support Information HPE Servers: Support Information Intel® NUC, Intel® Compute Stick, and Intel® Compute Card: Support Information Lenovo: Support Information Panasonic: Support Information Intel® Management Engine Critical Firmware Update (Intel SA-00086) [url]https://www.intel.com/content/www/us/en/support/articles/000025619/software.html[/url] -- An article whose included links supply more background: May 2, 2017 Intel AMT Vulnerability Shows Intel’s Management Engine Can Be Dangerous [url]http://www.tomshardware.com/news/intel-amt-vulnerability-me-dangerous,34300.html[/url]
"...Most systems with Intel ME are impacted, but if in doubt, there is a new binary utility from Intel for both Windows and Linux to check your system's state..."

23 November 2017
Intel Releases Linux-Compatible Tool For Confirming ME Vulnerabilities - Phoronix
https://www.phoronix.com/scan.php?page=news_item&px=Intel-ME-Linux-Vuln-Checker

--

Acer: Support Information
Dell Client: Support Information
Dell Server: Support Information
Fujitsu: Support Information
HPE Servers: Support Information
Intel® NUC, Intel® Compute Stick, and Intel® Compute Card: Support Information
Lenovo: Support Information
Panasonic: Support Information

Intel® Management Engine Critical Firmware Update (Intel SA-00086)
https://www.intel.com/content/www/us/en/support/articles/000025619/software.html

--

An article whose included links supply more background:

May 2, 2017
Intel AMT Vulnerability Shows Intel’s Management Engine Can Be Dangerous
http://www.tomshardware.com/news/intel-amt-vulnerability-me-dangerous,34300.html

linuxmint-18.3-mate-64bit, *4.15.18-041518-generic, *4.15.18-041518-lowlatency *XG-C100C (*PnP) *2018-01 C.U. for Win 10 1709 x64 (KB4056892), 600084f | (EOL)SABERTOOTH 990FX R2.0 (UEFI 2901, 2016/08/05), FX-8370 (Wraith) fam15h, details, 600084f, CSM-->UEFI and **Legacy OpROM (**allows for the custom partitioning of SSDs & HDDs that will also work intact with up-to-date Vishera-capable PC-BIOS-based motherboards), no 'Secure' Boot or HPET | IOMMU Enabled (64-bit) | KVR16E11K4/32 (MBECI-0006) | STRIX-GTX960-DC2OC-4GD5 (nVidia 384.130). Resume from S3 works correctly in all regards. Hibernate does not. | GL2450HM, DVIDDMM10, ARMUNONB | 220-G2-0850-XR | GH22LP20 (LightScribe), USB2SATAIDE (JM20337) | DRW-24B1ST | PEXMSATA3422 (FW: 2.3.0.1065) with 2 x SMS200S3/120G in RAID 0 and 2 x ST3000DM001 in RAID 0 | 1 x SUV400S37240G, 1 x ST6000DM001, 1 x ST2000DM001 [Win 10 Pro 1709 x64] (SB950) | 1 x SUV400S37240G, 1 x ST6000DM001 (ASM1062) | JMS561-based S252BU33R (FW: 101.01.01.09, incompatible with the ASM1042A in all modes) with 2 x ST2000LM003 (RAID0), JU-P40511-S1 (uPD720201), JU-H40711-S1 (VIA VL811+) | CM 690 II Advanced, 2 x HP-12 PWMs, 6 x HP-14 PWMs, 1 x FAN7X10TX3 (via a 70mm to 80mm AM2 CPU cooler bracket) | ST0026Z | PCE-AC55BT (Intel 7260) PnP, no suspend issues with or without ErP | Y-BF37 (Sleep key), SM50F76959

#7
Posted 11/24/2017 01:30 AM   
An explanation of what Intel ME is: Intel Management Engine (ME) [url]https://libreboot.org/faq.html#intelme[/url] Intel ME Secrets Hidden code in your chipset and how to discover what exactly it does Igor Skochinsky Hex-Rays RECON 2014 Montreal 55:13 Aug 19, 2014 REcon 2014 - Intel Management Engine Secrets (Igor Skochinsky) - YouTube https://www.youtube.com/watch?v=4kCICUPc9_8&list=PLIjpAcwszL0pjLhFwmEByK9AIQNUClCIg Related: [i]"Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware In this work we present a stealthy malware that exploits dedicated hardware on the target system and remains persistant across boot cycles. The malware is capable of gathering valuable information such as passwords. Because the infected hardware can perform arbitrary main memory accesses, the malware can modify kernel data structures and escalate privileges of processes executed on the system. The malware itself is a DMA malware implementation referred to as DAGGER. DAGGER exploits Intel's Manageability Engine (ME), that executes firmware code such as Intel's Active Management Technology (iAMT), as well as its OOB network channel. We have recently improved DAGGER's capabilites to include support for 64-bit operating systems and a stealthy update mechanism to download new attack code. Dedicated hardware such as network interface cards and video controllers can be exploited to conduct a direct memory access (DMA) attack. Direct access means main memory access without the involvement of the host CPU, which in turn means that existing host security software cannot detect or prevent the attack. Our presentation covers a DMA malware that benefits from an isolated network channel to update the attack code and to exfiltrate captured data. To be more precise, we show how to conduct a DMA attack using Intel's Manageability Engine (ME). Our attack environment is dedicated hardware based on a 32-bit RISC processor called ARCtangent-A4 (ARC4, x86-incompatible) implemented in the chipset of modern Intel platforms. Intel's ME executes special firmware such as Intel's Active Management Technology (iAMT). The ME/iAMT environment provides an administrator with an Out-of-Band (OOB) network channel to maintain the computer platform remotely. A prominent iAMT feature is the capability to remotely reinstall an operating system that got corrupted and does not boot anymore. iAMT is also available when the platform is in a standby or powered off state. This can be exploited to implement persistent DMA malware. It is needless to say that such a powerful environment must be well protected. Hence, Intel enforces strong isolation of the ME execution environment that makes it perfect to hide malware. The ME is not only implemented in business platforms, but also in consumer platforms. Our work does not only show, that an arbitrary attacker is able to perform one of the most dangerous attacks against an iAMT featured platform, but also, that the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker. Our presentation consists of three parts. The first part addresses how to find valuable data in the main memory of the host. The second part exploits the ME's OOB network channel to exfiltrate captured data to an external platform and to inject new attack code to target other interesting data structures available in the host runtime memory. The last part deals with the implementation of a covert network channel based on JitterBug. In the first part of our presentation we exploit the DMA engine of Intel's ME to find valuable data in the host runtime memory. We have two memory targets. Our first target is the keyboard buffer. We demonstrate how to find the buffer on a Linux as well as on a Windows operating system. Our implementation is called DAGGER - DmA based keyloGGER. We implemented different search strategies for the operating system targets. On Windows we need to find the corresponding CR3 processor register value to get the page directory entries that are needed to map virtual memory addresses into physical ones. We also had to take address randomization into account. The search strategy for the Windows keyboard buffer is mainly based on finding and traversing the so called Object Manager Namespace Directory (OMND). On Linux we implemented a different search strategy. On Linux we have a different starting point for the search phase than on Windows. The implementation to map virtual memory addresses into physical ones is also different. On Linux we can go without page tables. Due to the availability of the Linux source code it was easier to derive a signature for our target structure used by the USB HID driver. We can permanently monitor the keyboard buffer on both operating system targets. Hence, we can capture all user input (passwords, instant messenger sessions, etc.) done via the associated keyboard. Our second memory target concerns the privilege data of an arbitrary process. Again, we use the DMA engine of the ME to find the appropriate data structure. Then we overwrite the existing privileges with root privileges via DMA."[/i] Jan 7, 2014 Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware [30c3] - YouTube https://www.youtube.com/watch?v=Ck8bIjAUJgE Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware [30c3] - YouTube https://web.archive.org/web/20160307234717/https://www.youtube.com/watch?v=Ck8bIjAUJgE [i]"...Various Intel representatives over the years took my words seriously, told me I was crazy, denied that the problem could exist, and even gave SemiAccurate rather farcical technical reasons why their position wasn’t wrong. Or dangerous... ...When Intel told us that a version of AMT could be used to bare metal image a dead machine over a cellular connection, we turned white. We explained to them why SemiAccurate thought this was a bad idea and they respectfully disagreed... ...This brings us to a very ugly point. Intel has put AMT and it’s variants into every device they make. Some you can’t see because it is fused off but off is a very strong term. There are several features that AMT provides that are present in consumer systems even though the ‘technology’ isn’t there. This is one of the arguments that SemiAccurate has had with Intel security personnel over the years, we have begged them to offer a SKU without the AMT hardware for just this very reason. Intel didn’t, the pressure to lock corporate customers in to their silicon was too high. With this exploit, every Intel box for 9+ years is now vulnerable because you couldn’t buy a box without it even if you wanted to other than a few older 4S servers..."[/i] May 1, 2017 Remote security exploit in all 2008+ Intel platforms - SemiAccurate [url]https://semiaccurate.com/2017/05/01/remote-security-exploit-2008-intel-platforms/[/url] Coming soon... How to Hack a Turned-Off Computer, or Running Unsigned Code in Intel Management Engine - Black Hat Europe 2017 | Briefings Schedule [url]https://www.blackhat.com/eu-17/briefings/schedule/#how-to-hack-a-turned-off-computer-or-running-unsigned-code-in-intel-management-engine-8668[/url]
An explanation of what Intel ME is:

Intel Management Engine (ME)
https://libreboot.org/faq.html#intelme

Intel ME Secrets
Hidden code in your chipset and how to discover what exactly it does
Igor Skochinsky Hex-Rays
RECON 2014 Montreal

55:13
Aug 19, 2014
REcon 2014 - Intel Management Engine Secrets (Igor Skochinsky) - YouTube


Related:

"Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware

In this work we present a stealthy malware that exploits dedicated hardware on the target system and remains persistant across boot cycles. The malware is capable of gathering valuable information such as passwords. Because the infected hardware can perform arbitrary main memory accesses, the malware can modify kernel data structures and escalate privileges of processes executed on the system.

The malware itself is a DMA malware implementation referred to as DAGGER. DAGGER exploits Intel's Manageability Engine (ME), that executes firmware code such as Intel's Active Management Technology (iAMT), as well as its OOB network channel. We have recently improved DAGGER's capabilites to include support for 64-bit operating systems and a stealthy update mechanism to download new attack code.

Dedicated hardware such as network interface cards and video controllers can be exploited to conduct a direct memory access (DMA) attack. Direct access means main memory access without the involvement of the host CPU, which in turn means that existing host security software cannot detect or prevent the attack.

Our presentation covers a DMA malware that benefits from an isolated network channel to update the attack code and to exfiltrate captured data. To be more precise, we show how to conduct a DMA attack using Intel's Manageability Engine (ME). Our attack environment is dedicated hardware based on a 32-bit RISC processor called ARCtangent-A4 (ARC4, x86-incompatible) implemented in the chipset of modern Intel platforms. Intel's ME executes special firmware such as Intel's Active Management Technology (iAMT). The ME/iAMT environment provides an administrator with an Out-of-Band (OOB) network channel to maintain the computer platform remotely. A prominent iAMT feature is the capability to remotely reinstall an operating system that got corrupted and does not boot anymore. iAMT is also available when the platform is in a standby or powered off state. This can be exploited to implement persistent DMA malware. It is needless to say that such a powerful environment must be well protected. Hence, Intel enforces strong isolation of the ME execution environment that makes it perfect to hide malware. The ME is not only implemented in business platforms, but also in consumer platforms.

Our work does not only show, that an arbitrary attacker is able to perform one of the most dangerous attacks against an iAMT featured platform, but also, that the ME provides a perfect environment for undetectable sensitive data leakage on behalf of the attacker. Our presentation consists of three parts. The first part addresses how to find valuable data in the main memory of the host. The second part exploits the ME's OOB network channel to exfiltrate captured data to an external platform and to inject new attack code to target other interesting data structures available in the host runtime memory. The last part deals with the implementation of a covert network channel based on JitterBug.

In the first part of our presentation we exploit the DMA engine of Intel's ME to find valuable data in the host runtime memory. We have two memory targets. Our first target is the keyboard buffer. We demonstrate how to find the buffer on a Linux as well as on a Windows operating system. Our implementation is called DAGGER - DmA based keyloGGER. We implemented different search strategies for the operating system targets. On Windows we need to find the corresponding CR3 processor register value to get the page directory entries that are needed to map virtual memory addresses into physical ones. We also had to take address randomization into account. The search strategy for the Windows keyboard buffer is mainly based on finding and traversing the so called Object Manager Namespace Directory (OMND). On Linux we implemented a different search strategy. On Linux we have a different starting point for the search phase than on Windows. The implementation to map virtual memory addresses into physical ones is also different. On Linux we can go without page tables. Due to the availability of the Linux source code it was easier to derive a signature for our target structure used by the USB HID driver.

We can permanently monitor the keyboard buffer on both operating system targets. Hence, we can capture all user input (passwords, instant messenger sessions, etc.) done via the associated keyboard. Our second memory target concerns the privilege data of an arbitrary process. Again, we use the DMA engine of the ME to find the appropriate data structure. Then we overwrite the existing privileges with root privileges via DMA."


Jan 7, 2014
Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware [30c3] - YouTube


Persistent, Stealthy, Remote-controlled Dedicated Hardware Malware [30c3] - YouTube
https://web.archive.org/web/20160307234717/

"...Various Intel representatives over the years took my words seriously, told me I was crazy, denied that the problem could exist, and even gave SemiAccurate rather farcical technical reasons why their position wasn’t wrong. Or dangerous...

...When Intel told us that a version of AMT could be used to bare metal image a dead machine over a cellular connection, we turned white. We explained to them why SemiAccurate thought this was a bad idea and they respectfully disagreed...

...This brings us to a very ugly point. Intel has put AMT and it’s variants into every device they make. Some you can’t see because it is fused off but off is a very strong term. There are several features that AMT provides that are present in consumer systems even though the ‘technology’ isn’t there. This is one of the arguments that SemiAccurate has had with Intel security personnel over the years, we have begged them to offer a SKU without the AMT hardware for just this very reason. Intel didn’t, the pressure to lock corporate customers in to their silicon was too high.

With this exploit, every Intel box for 9+ years is now vulnerable because you couldn’t buy a box without it even if you wanted to other than a few older 4S servers..."


May 1, 2017
Remote security exploit in all 2008+ Intel platforms - SemiAccurate
https://semiaccurate.com/2017/05/01/remote-security-exploit-2008-intel-platforms/

Coming soon...

How to Hack a Turned-Off Computer, or Running Unsigned Code in Intel Management Engine - Black Hat Europe 2017 | Briefings Schedule
https://www.blackhat.com/eu-17/briefings/schedule/#how-to-hack-a-turned-off-computer-or-running-unsigned-code-in-intel-management-engine-8668

linuxmint-18.3-mate-64bit, *4.15.18-041518-generic, *4.15.18-041518-lowlatency *XG-C100C (*PnP) *2018-01 C.U. for Win 10 1709 x64 (KB4056892), 600084f | (EOL)SABERTOOTH 990FX R2.0 (UEFI 2901, 2016/08/05), FX-8370 (Wraith) fam15h, details, 600084f, CSM-->UEFI and **Legacy OpROM (**allows for the custom partitioning of SSDs & HDDs that will also work intact with up-to-date Vishera-capable PC-BIOS-based motherboards), no 'Secure' Boot or HPET | IOMMU Enabled (64-bit) | KVR16E11K4/32 (MBECI-0006) | STRIX-GTX960-DC2OC-4GD5 (nVidia 384.130). Resume from S3 works correctly in all regards. Hibernate does not. | GL2450HM, DVIDDMM10, ARMUNONB | 220-G2-0850-XR | GH22LP20 (LightScribe), USB2SATAIDE (JM20337) | DRW-24B1ST | PEXMSATA3422 (FW: 2.3.0.1065) with 2 x SMS200S3/120G in RAID 0 and 2 x ST3000DM001 in RAID 0 | 1 x SUV400S37240G, 1 x ST6000DM001, 1 x ST2000DM001 [Win 10 Pro 1709 x64] (SB950) | 1 x SUV400S37240G, 1 x ST6000DM001 (ASM1062) | JMS561-based S252BU33R (FW: 101.01.01.09, incompatible with the ASM1042A in all modes) with 2 x ST2000LM003 (RAID0), JU-P40511-S1 (uPD720201), JU-H40711-S1 (VIA VL811+) | CM 690 II Advanced, 2 x HP-12 PWMs, 6 x HP-14 PWMs, 1 x FAN7X10TX3 (via a 70mm to 80mm AM2 CPU cooler bracket) | ST0026Z | PCE-AC55BT (Intel 7260) PnP, no suspend issues with or without ErP | Y-BF37 (Sleep key), SM50F76959

#8
Posted 11/29/2017 11:13 AM   
. Man is the NSA gonna be mad when someone fixes this. .
.

Man is the NSA gonna be mad when someone fixes this.


.

My Opinion is no more important or right than yours. But if your using the LATEST drivers, go back to the prior set.

Piss Poor tech support blame all issues on drivers and assumes that your an idiot. Find a set that you know worked and see if the problem exists still.

""Don't f with it if it ain't broken!""
Constantly updating drivers is a good way to F'up the whole system.

If the driver has an issue, don't be a fool, remove it.

Just because you can, does not mean you should.

#9
Posted 11/29/2017 01:33 PM   
lol
lol

linuxmint-18.3-mate-64bit, *4.15.18-041518-generic, *4.15.18-041518-lowlatency *XG-C100C (*PnP) *2018-01 C.U. for Win 10 1709 x64 (KB4056892), 600084f | (EOL)SABERTOOTH 990FX R2.0 (UEFI 2901, 2016/08/05), FX-8370 (Wraith) fam15h, details, 600084f, CSM-->UEFI and **Legacy OpROM (**allows for the custom partitioning of SSDs & HDDs that will also work intact with up-to-date Vishera-capable PC-BIOS-based motherboards), no 'Secure' Boot or HPET | IOMMU Enabled (64-bit) | KVR16E11K4/32 (MBECI-0006) | STRIX-GTX960-DC2OC-4GD5 (nVidia 384.130). Resume from S3 works correctly in all regards. Hibernate does not. | GL2450HM, DVIDDMM10, ARMUNONB | 220-G2-0850-XR | GH22LP20 (LightScribe), USB2SATAIDE (JM20337) | DRW-24B1ST | PEXMSATA3422 (FW: 2.3.0.1065) with 2 x SMS200S3/120G in RAID 0 and 2 x ST3000DM001 in RAID 0 | 1 x SUV400S37240G, 1 x ST6000DM001, 1 x ST2000DM001 [Win 10 Pro 1709 x64] (SB950) | 1 x SUV400S37240G, 1 x ST6000DM001 (ASM1062) | JMS561-based S252BU33R (FW: 101.01.01.09, incompatible with the ASM1042A in all modes) with 2 x ST2000LM003 (RAID0), JU-P40511-S1 (uPD720201), JU-H40711-S1 (VIA VL811+) | CM 690 II Advanced, 2 x HP-12 PWMs, 6 x HP-14 PWMs, 1 x FAN7X10TX3 (via a 70mm to 80mm AM2 CPU cooler bracket) | ST0026Z | PCE-AC55BT (Intel 7260) PnP, no suspend issues with or without ErP | Y-BF37 (Sleep key), SM50F76959

#10
Posted 11/29/2017 08:29 PM   
30 November 2017 System76 Will Begin Disabling Intel ME In Their Linux Laptops - Phoronix [url]https://www.phoronix.com/scan.php?page=news_item&px=System76-Disable-ME-Laptop[/url]
30 November 2017
System76 Will Begin Disabling Intel ME In Their Linux Laptops - Phoronix
https://www.phoronix.com/scan.php?page=news_item&px=System76-Disable-ME-Laptop

linuxmint-18.3-mate-64bit, *4.15.18-041518-generic, *4.15.18-041518-lowlatency *XG-C100C (*PnP) *2018-01 C.U. for Win 10 1709 x64 (KB4056892), 600084f | (EOL)SABERTOOTH 990FX R2.0 (UEFI 2901, 2016/08/05), FX-8370 (Wraith) fam15h, details, 600084f, CSM-->UEFI and **Legacy OpROM (**allows for the custom partitioning of SSDs & HDDs that will also work intact with up-to-date Vishera-capable PC-BIOS-based motherboards), no 'Secure' Boot or HPET | IOMMU Enabled (64-bit) | KVR16E11K4/32 (MBECI-0006) | STRIX-GTX960-DC2OC-4GD5 (nVidia 384.130). Resume from S3 works correctly in all regards. Hibernate does not. | GL2450HM, DVIDDMM10, ARMUNONB | 220-G2-0850-XR | GH22LP20 (LightScribe), USB2SATAIDE (JM20337) | DRW-24B1ST | PEXMSATA3422 (FW: 2.3.0.1065) with 2 x SMS200S3/120G in RAID 0 and 2 x ST3000DM001 in RAID 0 | 1 x SUV400S37240G, 1 x ST6000DM001, 1 x ST2000DM001 [Win 10 Pro 1709 x64] (SB950) | 1 x SUV400S37240G, 1 x ST6000DM001 (ASM1062) | JMS561-based S252BU33R (FW: 101.01.01.09, incompatible with the ASM1042A in all modes) with 2 x ST2000LM003 (RAID0), JU-P40511-S1 (uPD720201), JU-H40711-S1 (VIA VL811+) | CM 690 II Advanced, 2 x HP-12 PWMs, 6 x HP-14 PWMs, 1 x FAN7X10TX3 (via a 70mm to 80mm AM2 CPU cooler bracket) | ST0026Z | PCE-AC55BT (Intel 7260) PnP, no suspend issues with or without ErP | Y-BF37 (Sleep key), SM50F76959

#11
Posted 11/30/2017 09:18 PM   
Related: Security Researcher Christopher Domas explains and demonstrates the exploitable flaws in x86 code and the chips which run it. - GeForce Forums [url]https://forums.geforce.com/default/topic/1030417/pc-components/security-researcher-christopher-domas-explains-and-demonstrates-the-exploitable-flaws-in-x86-code-and-the-chips-which-run-it-/[/url]
Related:

Security Researcher Christopher Domas explains and demonstrates the exploitable flaws in x86 code and the chips which run it. - GeForce Forums
https://forums.geforce.com/default/topic/1030417/pc-components/security-researcher-christopher-domas-explains-and-demonstrates-the-exploitable-flaws-in-x86-code-and-the-chips-which-run-it-/

linuxmint-18.3-mate-64bit, *4.15.18-041518-generic, *4.15.18-041518-lowlatency *XG-C100C (*PnP) *2018-01 C.U. for Win 10 1709 x64 (KB4056892), 600084f | (EOL)SABERTOOTH 990FX R2.0 (UEFI 2901, 2016/08/05), FX-8370 (Wraith) fam15h, details, 600084f, CSM-->UEFI and **Legacy OpROM (**allows for the custom partitioning of SSDs & HDDs that will also work intact with up-to-date Vishera-capable PC-BIOS-based motherboards), no 'Secure' Boot or HPET | IOMMU Enabled (64-bit) | KVR16E11K4/32 (MBECI-0006) | STRIX-GTX960-DC2OC-4GD5 (nVidia 384.130). Resume from S3 works correctly in all regards. Hibernate does not. | GL2450HM, DVIDDMM10, ARMUNONB | 220-G2-0850-XR | GH22LP20 (LightScribe), USB2SATAIDE (JM20337) | DRW-24B1ST | PEXMSATA3422 (FW: 2.3.0.1065) with 2 x SMS200S3/120G in RAID 0 and 2 x ST3000DM001 in RAID 0 | 1 x SUV400S37240G, 1 x ST6000DM001, 1 x ST2000DM001 [Win 10 Pro 1709 x64] (SB950) | 1 x SUV400S37240G, 1 x ST6000DM001 (ASM1062) | JMS561-based S252BU33R (FW: 101.01.01.09, incompatible with the ASM1042A in all modes) with 2 x ST2000LM003 (RAID0), JU-P40511-S1 (uPD720201), JU-H40711-S1 (VIA VL811+) | CM 690 II Advanced, 2 x HP-12 PWMs, 6 x HP-14 PWMs, 1 x FAN7X10TX3 (via a 70mm to 80mm AM2 CPU cooler bracket) | ST0026Z | PCE-AC55BT (Intel 7260) PnP, no suspend issues with or without ErP | Y-BF37 (Sleep key), SM50F76959

#12
Posted 12/02/2017 10:03 PM   
12/02/2017 Dell also sells laptops with Intel Management Engine disabled - Liliputing [url]https://liliputing.com/2017/12/dell-also-sells-laptops-intel-management-engine-disabled.html[/url]
12/02/2017
Dell also sells laptops with Intel Management Engine disabled - Liliputing
https://liliputing.com/2017/12/dell-also-sells-laptops-intel-management-engine-disabled.html

linuxmint-18.3-mate-64bit, *4.15.18-041518-generic, *4.15.18-041518-lowlatency *XG-C100C (*PnP) *2018-01 C.U. for Win 10 1709 x64 (KB4056892), 600084f | (EOL)SABERTOOTH 990FX R2.0 (UEFI 2901, 2016/08/05), FX-8370 (Wraith) fam15h, details, 600084f, CSM-->UEFI and **Legacy OpROM (**allows for the custom partitioning of SSDs & HDDs that will also work intact with up-to-date Vishera-capable PC-BIOS-based motherboards), no 'Secure' Boot or HPET | IOMMU Enabled (64-bit) | KVR16E11K4/32 (MBECI-0006) | STRIX-GTX960-DC2OC-4GD5 (nVidia 384.130). Resume from S3 works correctly in all regards. Hibernate does not. | GL2450HM, DVIDDMM10, ARMUNONB | 220-G2-0850-XR | GH22LP20 (LightScribe), USB2SATAIDE (JM20337) | DRW-24B1ST | PEXMSATA3422 (FW: 2.3.0.1065) with 2 x SMS200S3/120G in RAID 0 and 2 x ST3000DM001 in RAID 0 | 1 x SUV400S37240G, 1 x ST6000DM001, 1 x ST2000DM001 [Win 10 Pro 1709 x64] (SB950) | 1 x SUV400S37240G, 1 x ST6000DM001 (ASM1062) | JMS561-based S252BU33R (FW: 101.01.01.09, incompatible with the ASM1042A in all modes) with 2 x ST2000LM003 (RAID0), JU-P40511-S1 (uPD720201), JU-H40711-S1 (VIA VL811+) | CM 690 II Advanced, 2 x HP-12 PWMs, 6 x HP-14 PWMs, 1 x FAN7X10TX3 (via a 70mm to 80mm AM2 CPU cooler bracket) | ST0026Z | PCE-AC55BT (Intel 7260) PnP, no suspend issues with or without ErP | Y-BF37 (Sleep key), SM50F76959

#13
Posted 12/07/2017 11:22 PM   
(Text quoted in near-full given this issue's importance. Check the article for relevant links.) [i]"As promised earlier, the researchers from the Russian security firm Positive Technologies have revealed how they managed to hack Intel’s Management Engine chip, running the MINIX OS, which has become famous overnight. At the BlackHat Europe conference in London, the researchers Mark Ermolov and Maxim Goryachy disclosed (PDF) stack buffer overflow bugs (CVE-2017-5705, CVE-2017-5706, CVE-2017-5707) in Intel ME 11. These could give an attacker “deep level access to most data and processes being run on the device,” and turn on the so-called ‘God Mode’ capabilities. The attacker can run unsigned code, take control of peripherals and components, or even compromise a turned-off computer, on the Intel-inside machines shipped since 2015. The machine would function as usual, without the user and the OS having any knowledge of what’s happening. Last month, Intel talked about the vulnerabilities in a security advisory and also released patches to fix them. But it would be the manufacturers who have the responsibilities to push those patches timely. According to the researchers, these security patches would become ineffective if an attacker with a write access to ME-region manages to downgrade the firmware of the Intel ME chip. He would be able to exploit the bugs. This could possibly expand the list of affected devices as Intel started putting ME chips way back in 2007. However, to get into a target machine, an attacker would require physical access, or he would have to steal the remote login credentials. For instance, if the target machine is a part of a corporate network managed by an IT admin. There isn’t any security software that could safeguard users from the vulnerability as the ME chip operates outside the reach of anti-malware tools, even the operating system. Thankfully, there are some PC manufacturers who are willing to pull the plug on the ME chip for their users..."[/i] December 8, 2017 Hackers Turn On "GOD MODE" To Hack Intel ME Chip #BlackHatEurope [url]https://fossbytes.com/intel-me-chip-god-mode-hack-black-hat-europe/[/url] December 6, 2017 Positive Technologies details flaw in Intel chips that could give an attacker unprecedented access to desktops, servers and IoT devices worldwide [url]https://www.ptsecurity.com/ww-en/about/news/288666/[/url] PowerPoint Presentation - eu-17-Goryachy-How-To-Hack-A-Turned-Off-Computer-Or-Running-Unsigned-Code-In-Intel-Management-Engine.pdf [url]https://www.blackhat.com/docs/eu-17/materials/eu-17-Goryachy-How-To-Hack-A-Turned-Off-Computer-Or-Running-Unsigned-Code-In-Intel-Management-Engine.pdf[/url] eu-17-Goryachy-How-To-Hack-A-Turned-Off-Computer-Or-Running-Unsigned-Code-In-Intel-Management-Engine-wp.pdf [url]https://www.blackhat.com/docs/eu-17/materials/eu-17-Goryachy-How-To-Hack-A-Turned-Off-Computer-Or-Running-Unsigned-Code-In-Intel-Management-Engine-wp.pdf[/url]
(Text quoted in near-full given this issue's importance. Check the article for relevant links.)

"As promised earlier, the researchers from the Russian security firm Positive Technologies have revealed how they managed to hack Intel’s Management Engine chip, running the MINIX OS, which has become famous overnight.

At the BlackHat Europe conference in London, the researchers Mark Ermolov and Maxim Goryachy disclosed (PDF) stack buffer overflow bugs (CVE-2017-5705, CVE-2017-5706, CVE-2017-5707) in Intel ME 11.

These could give an attacker “deep level access to most data and processes being run on the device,” and turn on the so-called ‘God Mode’ capabilities.

The attacker can run unsigned code, take control of peripherals and components, or even compromise a turned-off computer, on the Intel-inside machines shipped since 2015. The machine would function as usual, without the user and the OS having any knowledge of what’s happening.

Last month, Intel talked about the vulnerabilities in a security advisory and also released patches to fix them. But it would be the manufacturers who have the responsibilities to push those patches timely.

According to the researchers, these security patches would become ineffective if an attacker with a write access to ME-region manages to downgrade the firmware of the Intel ME chip. He would be able to exploit the bugs.

This could possibly expand the list of affected devices as Intel started putting ME chips way back in 2007. However, to get into a target machine, an attacker would require physical access, or he would have to steal the remote login credentials. For instance, if the target machine is a part of a corporate network managed by an IT admin.

There isn’t any security software that could safeguard users from the vulnerability as the ME chip operates outside the reach of anti-malware tools, even the operating system. Thankfully, there are some PC manufacturers who are willing to pull the plug on the ME chip for their users..."


December 8, 2017
Hackers Turn On "GOD MODE" To Hack Intel ME Chip #BlackHatEurope
https://fossbytes.com/intel-me-chip-god-mode-hack-black-hat-europe/

December 6, 2017
Positive Technologies details flaw in Intel chips that could give an attacker unprecedented access to desktops, servers and IoT devices worldwide
https://www.ptsecurity.com/ww-en/about/news/288666/

PowerPoint Presentation - eu-17-Goryachy-How-To-Hack-A-Turned-Off-Computer-Or-Running-Unsigned-Code-In-Intel-Management-Engine.pdf
https://www.blackhat.com/docs/eu-17/materials/eu-17-Goryachy-How-To-Hack-A-Turned-Off-Computer-Or-Running-Unsigned-Code-In-Intel-Management-Engine.pdf

eu-17-Goryachy-How-To-Hack-A-Turned-Off-Computer-Or-Running-Unsigned-Code-In-Intel-Management-Engine-wp.pdf
https://www.blackhat.com/docs/eu-17/materials/eu-17-Goryachy-How-To-Hack-A-Turned-Off-Computer-Or-Running-Unsigned-Code-In-Intel-Management-Engine-wp.pdf

linuxmint-18.3-mate-64bit, *4.15.18-041518-generic, *4.15.18-041518-lowlatency *XG-C100C (*PnP) *2018-01 C.U. for Win 10 1709 x64 (KB4056892), 600084f | (EOL)SABERTOOTH 990FX R2.0 (UEFI 2901, 2016/08/05), FX-8370 (Wraith) fam15h, details, 600084f, CSM-->UEFI and **Legacy OpROM (**allows for the custom partitioning of SSDs & HDDs that will also work intact with up-to-date Vishera-capable PC-BIOS-based motherboards), no 'Secure' Boot or HPET | IOMMU Enabled (64-bit) | KVR16E11K4/32 (MBECI-0006) | STRIX-GTX960-DC2OC-4GD5 (nVidia 384.130). Resume from S3 works correctly in all regards. Hibernate does not. | GL2450HM, DVIDDMM10, ARMUNONB | 220-G2-0850-XR | GH22LP20 (LightScribe), USB2SATAIDE (JM20337) | DRW-24B1ST | PEXMSATA3422 (FW: 2.3.0.1065) with 2 x SMS200S3/120G in RAID 0 and 2 x ST3000DM001 in RAID 0 | 1 x SUV400S37240G, 1 x ST6000DM001, 1 x ST2000DM001 [Win 10 Pro 1709 x64] (SB950) | 1 x SUV400S37240G, 1 x ST6000DM001 (ASM1062) | JMS561-based S252BU33R (FW: 101.01.01.09, incompatible with the ASM1042A in all modes) with 2 x ST2000LM003 (RAID0), JU-P40511-S1 (uPD720201), JU-H40711-S1 (VIA VL811+) | CM 690 II Advanced, 2 x HP-12 PWMs, 6 x HP-14 PWMs, 1 x FAN7X10TX3 (via a 70mm to 80mm AM2 CPU cooler bracket) | ST0026Z | PCE-AC55BT (Intel 7260) PnP, no suspend issues with or without ErP | Y-BF37 (Sleep key), SM50F76959

#14
Posted 12/08/2017 12:19 PM   
[i]"Summary: In response to issues identified by external researchers, Intel has performed an in-depth comprehensive security review of our Intel® Management Engine (ME), Intel® Server Platform Services (SPS), and Intel® Trusted Execution Engine (TXE) with the objective of enhancing firmware resilience. As a result, Intel has identified security vulnerabilities that could potentially place impacted platforms at risk. Description: In response to issues identified by external researchers, Intel has performed an in-depth comprehensive security review of its Intel® Management Engine (ME), Intel® Trusted Execution Engine (TXE), and Intel® Server Platform Services (SPS) with the objective of enhancing firmware resilience. As a result, Intel has identified several security vulnerabilities that could potentially place impacted platforms at risk. Systems using ME Firmware versions 6.x/7.x/8.x/9.x/10.x//11.0/11.5/11.6/11.7/11.10/11.20, SPS Firmware version 4.0, and TXE version 3.0 are impacted. Affected products: 1st, 2nd, 3rd, 4th, 5th, 6th, 7th & 8th Generation Intel® Core™ Processor Family Intel® Xeon® Processor E3-1200 v5 & v6 Product Family Intel® Xeon® Processor Scalable Family Intel® Xeon® Processor W Family Intel® Pentium® Processor G Series Intel® Atom® C3000 Processor Family Apollo Lake Intel® Atom Processor E3900 series Apollo Lake Intel® Pentium™ Celeron™ G, N and J series Processors Based on the items identified through the comprehensive security review, an attacker could gain unauthorized access to platform, Intel® ME feature, and 3rd party secrets protected by the Intel® Management Engine (ME), Intel® Server Platform Service (SPS), or Intel® Trusted Execution Engine (TXE). This includes scenarios where a successful attacker could: Impersonate the ME/SPS/TXE, thereby impacting local security feature attestation validity. Load and execute arbitrary code outside the visibility of the user and operating system. Cause a system crash or system instability. For more information, please see this Intel Support article..."[/i] Dec 22, 2017 Intel® Product Security Center [url]https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00086&languageid=en-fr[/url] Intel® Management Engine Critical Firmware Update (Intel-SA-00086) [url]https://www.intel.com/content/www/us/en/support/articles/000025619/software.html[/url]
"Summary:

In response to issues identified by external researchers, Intel has performed an in-depth comprehensive security review of our Intel® Management Engine (ME), Intel® Server Platform Services (SPS), and Intel® Trusted Execution Engine (TXE) with the objective of enhancing firmware resilience.

As a result, Intel has identified security vulnerabilities that could potentially place impacted platforms at risk.

Description:

In response to issues identified by external researchers, Intel has performed an in-depth comprehensive security review of its Intel® Management Engine (ME), Intel® Trusted Execution Engine (TXE), and Intel® Server Platform Services (SPS) with the objective of enhancing firmware resilience.

As a result, Intel has identified several security vulnerabilities that could potentially place impacted platforms at risk. Systems using ME Firmware versions 6.x/7.x/8.x/9.x/10.x//11.0/11.5/11.6/11.7/11.10/11.20, SPS Firmware version 4.0, and TXE version 3.0 are impacted.

Affected products:

1st, 2nd, 3rd, 4th, 5th, 6th, 7th & 8th Generation Intel® Core™ Processor Family
Intel® Xeon® Processor E3-1200 v5 & v6 Product Family
Intel® Xeon® Processor Scalable Family
Intel® Xeon® Processor W Family
Intel® Pentium® Processor G Series
Intel® Atom® C3000 Processor Family
Apollo Lake Intel® Atom Processor E3900 series
Apollo Lake Intel® Pentium™
Celeron™ G, N and J series Processors

Based on the items identified through the comprehensive security review, an attacker could gain unauthorized access to platform, Intel® ME feature, and 3rd party secrets protected by the Intel® Management Engine (ME), Intel® Server Platform Service (SPS), or Intel® Trusted Execution Engine (TXE).

This includes scenarios where a successful attacker could:

Impersonate the ME/SPS/TXE, thereby impacting local security feature attestation validity.
Load and execute arbitrary code outside the visibility of the user and operating system.
Cause a system crash or system instability.
For more information, please see this Intel Support article..."


Dec 22, 2017
Intel® Product Security Center
https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00086&languageid=en-fr

Intel® Management Engine Critical Firmware Update (Intel-SA-00086)
https://www.intel.com/content/www/us/en/support/articles/000025619/software.html

linuxmint-18.3-mate-64bit, *4.15.18-041518-generic, *4.15.18-041518-lowlatency *XG-C100C (*PnP) *2018-01 C.U. for Win 10 1709 x64 (KB4056892), 600084f | (EOL)SABERTOOTH 990FX R2.0 (UEFI 2901, 2016/08/05), FX-8370 (Wraith) fam15h, details, 600084f, CSM-->UEFI and **Legacy OpROM (**allows for the custom partitioning of SSDs & HDDs that will also work intact with up-to-date Vishera-capable PC-BIOS-based motherboards), no 'Secure' Boot or HPET | IOMMU Enabled (64-bit) | KVR16E11K4/32 (MBECI-0006) | STRIX-GTX960-DC2OC-4GD5 (nVidia 384.130). Resume from S3 works correctly in all regards. Hibernate does not. | GL2450HM, DVIDDMM10, ARMUNONB | 220-G2-0850-XR | GH22LP20 (LightScribe), USB2SATAIDE (JM20337) | DRW-24B1ST | PEXMSATA3422 (FW: 2.3.0.1065) with 2 x SMS200S3/120G in RAID 0 and 2 x ST3000DM001 in RAID 0 | 1 x SUV400S37240G, 1 x ST6000DM001, 1 x ST2000DM001 [Win 10 Pro 1709 x64] (SB950) | 1 x SUV400S37240G, 1 x ST6000DM001 (ASM1062) | JMS561-based S252BU33R (FW: 101.01.01.09, incompatible with the ASM1042A in all modes) with 2 x ST2000LM003 (RAID0), JU-P40511-S1 (uPD720201), JU-H40711-S1 (VIA VL811+) | CM 690 II Advanced, 2 x HP-12 PWMs, 6 x HP-14 PWMs, 1 x FAN7X10TX3 (via a 70mm to 80mm AM2 CPU cooler bracket) | ST0026Z | PCE-AC55BT (Intel 7260) PnP, no suspend issues with or without ErP | Y-BF37 (Sleep key), SM50F76959

#15
Posted 12/28/2017 03:56 PM   
  1 / 2    
Scroll To Top