Hello,
Please forgive me if I should’ve posted this question under the bios v110 sticky. I wasn’t sure if the thread was open for comments as there hasn’t been any new info in some time...
I’m a long time lurker here, and have had no issues with 3 generations of EVGA Nvidia cards and I am an proud z390 DARK owner.
My current setup Is Z390 DARK v1.0 bios-v110, i9-9900k at 5.2 allcore vcore override @ 1.25vcore -25vdroop , EK aio 360mm rad, 2x 8gb single stack ripjaws 5 ddr4 b-die 3600 16.16.16.36 @ 4200 16.16.16.36 1.500v , EVGA 3090 FTW 3 Ultra Gaming
2x 256gb Samsung nvme ssds raid zero setup in RST oprom. Just upgraded to Win 11 home from 10 Home edition.
I’ve taken the CSME vulnerability seriously since it was first reported almost 5 years ago. I‘ve always patched vulns asap and religiously.
Upon installing win 11, I did a clean install downloaded win11 22h2 multi version direct from MS and Rufus’d a USB installer. Ran the EVGA drivers from my driver usb with all the most recent drivers available here from EVGA as always. No issues with install everything runs great…. Stability tests ran fine, DARK board still solid as a rock. But alas… first series of windows updates and there is a new Intel chipset/FW update. I halted it and went to Intel for info and checked back here to see if I had missed an update. Nay…
Intel notes appear fine. I installed as recommended, finished all security and cumulative updates. Started getting comfortable with new OS , configured pwsh w/ fancy choco Posh bash going through new setup scripts etc etc… I noticed an intel log from my LAN driver install saying one of the Intel drivers was rejected as it does not meet security standards by Win Defender. But nothing seems out of the ordinary. Device manager shows all hardware installed, no missing LAN drivers. Looking through the rest of the Intel logs I was confused by the new chipset driver as it’s actually stamped as generic mostly for xenon chips. I checked my PCH version in bios and confirmed it shows latest version which is still same update revision listed here by EVGA, checked 9900k microcode versions no new changes. Intel FW upgrade from win11 didn’t seem to change anything so just to double check I ran the Intel CSME vuln detector and it failed.
It instructed me to get the most current updates available to which Intel had just installed, My system has always had the latest ME patches and MS security updates.
Unless I’ve missed something somewhere, I thought this platform was fully patched and secured from the ME issues. Does anyone else by chance get the same vulnerable status from the Intel checker? I‘ve never actually run the check for vulnerabilities with the Intel tool since I’ve regularly installed updates for this since they’ve been release.
Am I running faulty ground truth circuits in my wetware? Was the Intel tool always going to read vulnerable even after years of patches?
Did Windows 11 break the ME patches or exposed new vulnerabilities with CSME? My Google fu is pretty strong but I can’t find anything but the same search loops and dead ends with same old topics and posts about these issues. Which is why I finally came to ask the experts ( not redditors ) …. Is everything cool with these conditions? Should I run back to Win10 and wait?
Do all my base belong to some one !?!
Much appreciation & thanks to whomever with which this finds concern.