May. 5th, 2017, 10:32
Intel reported a newly discovered firmware vulnerability which hits Intel enterprise PCs over the past decade on Monday. Intel said that an unprivileged attacker may use this vulnerability to attack computers through remote management. This vulnerability affects the firmware designed for enterprise IT management. Intel recommends that enterprise using Intel® Active Management Technology, Intel® Small Business Technology, and Intel® Standard Manageability in the system should use the patch to fix vulnerability as soon as possible.
It is reported that every generation Intel Core processor since 2008 are all likely to have this problem. This vulnerable vulnerability has been observed in Intel manageability firmware versions 6.x, 7.x, 8.x 9.x, 10.x, 11.0, 11.5, and 11.6. Intel said this vulnerability does not exist on Intel-based consumer PCs. The data center server running Intel Server Platform Services is also not affected by this vulnerability.
Intel did not provide technical details of the vulnerability, but said hackers may use the vulnerability to take over the remote management. An Intel security researcher found the vulnerability in March, but there has been no report showing that the vulnerability was exploited to implement attacking yet.
Intel already prepared patch and now is trying best to push it to users as soon as possible together with OEM. Before that, you can take the following steps to determine if you are affected:
Step 1: Determine if you have an Intel® AMT, Intel® SBA, or Intel® ISM capable system: https://communities.intel.com/docs/DOC-5693. If you determine that you do not have an Intel® AMT, Intel® SBA, or Intel® ISM capable system then no further action is required.
Step 2: Utilize the Detection Guide to assess if your system has the impacted firmware: https://downloadcenter.intel.com/download/26755. If you do have a version in the “Resolved Firmware” column no further action is required to secure your system from this vulnerability.
Step 3: Intel highly recommends checking with your system OEM for updated firmware. Firmware versions that resolve the issue have a four digit build number that starts with a “3” (X.X.XX.3XXX) Ex: 8.1.71.3608.
Step 4: If a firmware update is not available from your manufacturer, mitigations are provided in this document: https://downloadcenter.intel.com/download/26754
If the system manufacturer does not provide an available firmware update, Intel will also provide handing tips to customers. Intel said that disabling or removing the Windows service named "Local Manageability Service" can mitigate the impact of the vulnerability.
For more info, please check Intel Security Center
Intel reported a newly discovered firmware vulnerability which hits Intel enterprise PCs over the past decade on Monday. Intel said that an unprivileged attacker may use this vulnerability to attack computers through remote management. This vulnerability affects the firmware designed for enterprise IT management. Intel recommends that enterprise using Intel® Active Management Technology, Intel® Small Business Technology, and Intel® Standard Manageability in the system should use the patch to fix vulnerability as soon as possible.
It is reported that every generation Intel Core processor since 2008 are all likely to have this problem. This vulnerable vulnerability has been observed in Intel manageability firmware versions 6.x, 7.x, 8.x 9.x, 10.x, 11.0, 11.5, and 11.6. Intel said this vulnerability does not exist on Intel-based consumer PCs. The data center server running Intel Server Platform Services is also not affected by this vulnerability.
Intel did not provide technical details of the vulnerability, but said hackers may use the vulnerability to take over the remote management. An Intel security researcher found the vulnerability in March, but there has been no report showing that the vulnerability was exploited to implement attacking yet.
Intel already prepared patch and now is trying best to push it to users as soon as possible together with OEM. Before that, you can take the following steps to determine if you are affected:
Step 1: Determine if you have an Intel® AMT, Intel® SBA, or Intel® ISM capable system: https://communities.intel.com/docs/DOC-5693. If you determine that you do not have an Intel® AMT, Intel® SBA, or Intel® ISM capable system then no further action is required.
Step 2: Utilize the Detection Guide to assess if your system has the impacted firmware: https://downloadcenter.intel.com/download/26755. If you do have a version in the “Resolved Firmware” column no further action is required to secure your system from this vulnerability.
Step 3: Intel highly recommends checking with your system OEM for updated firmware. Firmware versions that resolve the issue have a four digit build number that starts with a “3” (X.X.XX.3XXX) Ex: 8.1.71.3608.
Step 4: If a firmware update is not available from your manufacturer, mitigations are provided in this document: https://downloadcenter.intel.com/download/26754
If the system manufacturer does not provide an available firmware update, Intel will also provide handing tips to customers. Intel said that disabling or removing the Windows service named "Local Manageability Service" can mitigate the impact of the vulnerability.
For more info, please check Intel Security Center
Comment