Overclock.net › Forums › Industry News › Hardware News › [techradar] - Did Intel leave a huge security hole in your brand new PC?
New Posts  All Forums:Forum Nav:

[techradar] - Did Intel leave a huge security hole in your brand new PC? - Page 2

post #11 of 47
Quote:
Originally Posted by WannaBeOCer View Post

I patched mine last night. I suggest you guys do the same.

https://www.win-raid.com/t596f39-Intel-Management-Engine-Drivers-Firmware-amp-System-Tools.html

Detection tool:

https://downloadcenter.intel.com/download/27150

will check it out later thx
post #12 of 47
Quote:
Originally Posted by WannaBeOCer View Post

I patched mine last night. I suggest you guys do the same.

https://www.win-raid.com/t596f39-Intel-Management-Engine-Drivers-Firmware-amp-System-Tools.html

Detection tool:

https://downloadcenter.intel.com/download/27150


I get

Status: Detection Error: This system may be vulnerable.
Tool Stopped


I dont think it is im on the latest ME etc also MEFW

but does it do that to you too? I ran the SA-00086 console

it ran for like 2 seconds only hence '' tool stopped''


Edit : you need to run Intel-SA-00086-GHI in DiscoveryTool.GUI folder


''Based on the analysis performed by this tool: This system is not vulnerable. It has already been patched.''

Rep anyway for the useful info thumb.gif
Edited by Asus11 - 11/22/17 at 11:07am
Code55
(14 items)
 
  
CPUMotherboardGraphicsRAM
i7-6700k 4.8 Asus Impact VIII / EK M8i Monoblock SeaHawk EK X 1080 Ti G.Skill Ripjaw V 2 x 16GB 3733CL15 1T 
Hard DriveHard DriveCoolingMonitor
INTEL 750 400GB U.2 SanDisk Extreme Pro 960GB EK D5 PWM Acer X34A / XB321HK 
KeyboardPowerCaseAudio
Logitech G810 EVGA 750 G2 In-Win D-Frame Mini Meridian Explorer 
  hide details  
Reply
Code55
(14 items)
 
  
CPUMotherboardGraphicsRAM
i7-6700k 4.8 Asus Impact VIII / EK M8i Monoblock SeaHawk EK X 1080 Ti G.Skill Ripjaw V 2 x 16GB 3733CL15 1T 
Hard DriveHard DriveCoolingMonitor
INTEL 750 400GB U.2 SanDisk Extreme Pro 960GB EK D5 PWM Acer X34A / XB321HK 
KeyboardPowerCaseAudio
Logitech G810 EVGA 750 G2 In-Win D-Frame Mini Meridian Explorer 
  hide details  
Reply
post #13 of 47
Quote:
Originally Posted by Namwons View Post

This is not a flaw. It is working as intended...for the government.
And the fix is just an obfuscation so current detection stops freaking out. I'd buy that.
post #14 of 47
Quote:
Originally Posted by WannaBeOCer View Post

I patched mine last night. I suggest you guys do the same.

https://www.win-raid.com/t596f39-Intel-Management-Engine-Drivers-Firmware-amp-System-Tools.html

Detection tool:

https://downloadcenter.intel.com/download/27150

Thanks!

I looked at that link, but I have never patched CPU firmware before and am worried about bricking the mobo or something. Was it fairly easy to patch? Or are there things we need to watch out for?
post #15 of 47
Quote:
Originally Posted by JCPUser View Post

Thanks!

I looked at that link, but I have never patched CPU firmware before and am worried about bricking the mobo or something. Was it fairly easy to patch? Or are there things we need to watch out for?

*I am not responsible for bricked motherboards*

It is simple and only takes a few minutes but it could brick your motherboard if you don't read carefully.If you don't have a vulnerability don't risk it.

You have a 7 series board so you will need the Intel ME System Tools v8 r3 and consumer Intel ME 8 1.5MB Firmware v8.1.70.1590

Use the win64 FWUpdate tool in an escalated command prompt.

fwupdate -f v8.1.70.1590.bin
Samsung DeX
(14 items)
 
Maximus
(15 items)
 
 
CPUGraphicsRAMHard Drive
Snapdragon 835 Adreno 540 4GB Toshiba 64GB UFS 2.1 
CoolingOSMonitorKeyboard
Passive Android Oreo Beta XF270HUA Cherry MX Board 6.0 
PowerCaseMouseMouse Pad
15w Samsung Quick Charger Galaxy S8+ Logitech G600 Alugraphics GamerArt 
AudioAudio
Definitive Technology Incline SMSL M8 
CPUMotherboardGraphicsRAM
Core i7 6700K 4.8Ghz @ 1.4v Maximus VIII Formula Radeon RX VEGA 64 G-Skill 32GB 3200Mhz 
Hard DriveCoolingOSMonitor
Samsung 850 Evo 2TB Raid 0 Corsair H100i V2 Windows 10 Pro Acer XF270HUA 
KeyboardPowerCaseMouse
Cherry MX Board 6.0 EVGA SuperNova 1200w P2 Lian-Li PC-V33B Logitech G600 
Mouse PadAudioAudio
Alugraphics GamerArt Definitive Technology Incline SMSL M8  
  hide details  
Reply
Samsung DeX
(14 items)
 
Maximus
(15 items)
 
 
CPUGraphicsRAMHard Drive
Snapdragon 835 Adreno 540 4GB Toshiba 64GB UFS 2.1 
CoolingOSMonitorKeyboard
Passive Android Oreo Beta XF270HUA Cherry MX Board 6.0 
PowerCaseMouseMouse Pad
15w Samsung Quick Charger Galaxy S8+ Logitech G600 Alugraphics GamerArt 
AudioAudio
Definitive Technology Incline SMSL M8 
CPUMotherboardGraphicsRAM
Core i7 6700K 4.8Ghz @ 1.4v Maximus VIII Formula Radeon RX VEGA 64 G-Skill 32GB 3200Mhz 
Hard DriveCoolingOSMonitor
Samsung 850 Evo 2TB Raid 0 Corsair H100i V2 Windows 10 Pro Acer XF270HUA 
KeyboardPowerCaseMouse
Cherry MX Board 6.0 EVGA SuperNova 1200w P2 Lian-Li PC-V33B Logitech G600 
Mouse PadAudioAudio
Alugraphics GamerArt Definitive Technology Incline SMSL M8  
  hide details  
Reply
post #16 of 47
Quote:
Originally Posted by Quantum Reality View Post

It's probably unlikely that AMD would code their own CPU management layer with exactly the same holes as Intel, though.

The point was rather obviously that with a similar system in place, it too is subject to exploitation. It makes his boastful statement look silly since he's throwing rocks from a glass house.
post #17 of 47
Quote:
Originally Posted by Quantum Reality View Post

It's probably unlikely that AMD would code their own CPU management layer with exactly the same holes as Intel, though.

As such an advantage also due to using hardware from a smaller market share :-). Like windows vs mac but less severe
post #18 of 47
Quote:
Originally Posted by WannaBeOCer View Post

Quote:
Originally Posted by JCPUser View Post

Thanks!

I looked at that link, but I have never patched CPU firmware before and am worried about bricking the mobo or something. Was it fairly easy to patch? Or are there things we need to watch out for?

*I am not responsible for bricked motherboards*

It is simple and only takes a few minutes but it could brick your motherboard if you don't read carefully.If you don't have a vulnerability don't risk it.

You have a 7 series board so you will need the Intel ME System Tools v8 r3 and consumer Intel ME 8 1.5MB Firmware v8.1.70.1590

Use the win64 FWUpdate tool in an escalated command prompt.

fwupdate -f v8.1.70.1590.bin

Thanks for the help. +Rep
post #19 of 47
Quote:
Originally Posted by Quantum Reality View Post

It's probably unlikely that AMD would code their own CPU management layer with exactly the same holes as Intel, though.

Of course it doesn't have the same holes - It has different ones!

No programmer is perfect. I wish the trend wasn't to embed these functions so deep into a system, but that's the trend. I've come to accept no device is ever truly secure.
Myrna
(4 items)
 
  
CPUMotherboardGraphicsRAM
AMD Threadripper 1920X Asrock X399 Taichi  Gigabyte Aorus Waterforce WB 1080 TI 4 Way SLI Corsair Vengeance RGB 4x8GB 3466Mhz 
  hide details  
Reply
Myrna
(4 items)
 
  
CPUMotherboardGraphicsRAM
AMD Threadripper 1920X Asrock X399 Taichi  Gigabyte Aorus Waterforce WB 1080 TI 4 Way SLI Corsair Vengeance RGB 4x8GB 3466Mhz 
  hide details  
Reply
post #20 of 47
Same old ME, it's been known a while Skylake+ is a backdoor heaven as it has a different ME than the older versions that can be disabled.
Same topic is on Reddit a couple days.

Just don't use Skylake or any SL based machines, KL, CL if you're worried about ME backdoors and someone else having more control over your machine than even you do.
New Posts  All Forums:Forum Nav:
  Return Home
  Back to Forum: Hardware News
Overclock.net › Forums › Industry News › Hardware News › [techradar] - Did Intel leave a huge security hole in your brand new PC?