EVGA

Intel Management Engine Vulnerability

Author
smackiethefrog
New Member
  • Total Posts : 15
  • Reward points : 0
  • Joined: 2012/02/23 22:26:12
  • Status: offline
  • Ribbons : 0
2017/11/22 09:17:15 (permalink)
 I have run Intel's SA-00086 detection tool on my system with a Z170 FTW running UEFI v2.01. The result shows the firmware as vulnerable. Are there any plans to issue patched ME firmware for this system?

post edited by smackiethefrog - 2017/11/22 09:25:11

Attached Image(s)

#1

11 Replies Related Threads

    nowcontrol
    New Member
    • Total Posts : 47
    • Reward points : 0
    • Joined: 2015/12/22 06:29:54
    • Location: LDN/UK
    • Status: offline
    • Ribbons : 1
    Re: Intel Management Engine Vulnerability 2017/11/22 18:40:58 (permalink)
     I got the same result 

     
     

    Attached Image(s)


    Intel Core i7-6700k / Corsair H110i GTX w/ 2x Corsair ML-140
    EVGA Z170 FTW / Corsair Vengeance LPX 16GB @ 3600MHz
    EVGA GTX 970 FTW+ / Corsair HX850i
    Corsair Carbide Air 540 / Corsair Neutron XTi [240GB]

     


    #2
    Anewbis
    New Member
    • Total Posts : 30
    • Reward points : 0
    • Joined: 2010/11/01 16:33:19
    • Status: offline
    • Ribbons : 0
    Re: Intel Management Engine Vulnerability 2017/12/03 02:46:22 (permalink)
    I expect this to go unpatched for at least 4 months, like the last one.
     
    Reading over the warranty, one might be able request an RMA for a non-vulnerable board, aka an upgrade. It would rest on whether Intel ME or the chipset are considered third-party software/equipment. If so, they could theoretically write off any warranty as non-valid at their discretion, telling you to take it up with Intel with no hard evidence, or to claim capacitors were not made "in-house" if financially required to go so far.
     
    Unfortunately, almost no company wants to pay for anything that goes wrong and the only one without something substantial to offer is you. After being forced to sign various bead agreements to even use the end-products, you have nearly no rights. Capitalizing on an advantage, one would call that. Good business another might say.
     
    You know what? Let's get rid of consumer warranties, but keep the business ones. Imagine the mountainous profits at low-risk! We'd be free to cut costs on security, with the added bonus of pushing home user to upgrade with plausible deniability. Sure business for the whole supply chain and the consumer keeps spending. There's bound to be kickbacks from the NSA for that, too (at very least non-interference). 
     
    #3
    HeavyHemi
    Omnipotent Enthusiast
    • Total Posts : 14024
    • Reward points : 0
    • Joined: 2008/11/28 20:31:42
    • Location: Western Washington
    • Status: offline
    • Ribbons : 96
    Re: Intel Management Engine Vulnerability 2017/12/03 22:06:59 (permalink)
    smackiethefrog
     I have run Intel's SA-00086 detection tool on my system with a Z170 FTW running UEFI v2.01. The result shows the firmware as vulnerable. Are there any plans to issue patched ME firmware for this system?



    There's a new IME driver on the support page for your motherboard that should fix this issue.  Here's the direct link
     
    http://cdn.evga.com/Drive...10_64_11.6.13.1212.zip

    EVGA X99 FTWK / i7 6850K 4.5ghz / GTX1080 Ti FE Hybrid / 32GB Corsair LPX 3200mhz / Samsung 850Pro 256GB / Corsair AX1200 / Window 10 Pro
    Fire Strike                        24,163
    Fire  Strike Extreme        14,452 
    Fire Strike Ultra                7,711 
    Time Spy                        10,357

    #4
    rsabatino
    SSC Member
    • Total Posts : 977
    • Reward points : 0
    • Joined: 2010/02/04 14:00:46
    • Location: new jersey usa
    • Status: offline
    • Ribbons : 4
    Re: Intel Management Engine Vulnerability 2017/12/05 02:33:07 (permalink)
    even with the update it says my system is vulnerable .
    #5
    HeavyHemi
    Omnipotent Enthusiast
    • Total Posts : 14024
    • Reward points : 0
    • Joined: 2008/11/28 20:31:42
    • Location: Western Washington
    • Status: offline
    • Ribbons : 96
    Re: Intel Management Engine Vulnerability 2017/12/05 10:42:10 (permalink)
    rsabatino
    even with the update it says my system is vulnerable .


    Did you check and see if there is a newer IME version for your chipset? Seriously EVGA should be updating this. I've updated my X99 to the latest and it's good to go.
    You should find what you need here if you're comfortable updating yourself.
    https://www.win-raid.com/...-amp-System-Tools.html
    post edited by HeavyHemi - 2017/12/05 10:47:08

    EVGA X99 FTWK / i7 6850K 4.5ghz / GTX1080 Ti FE Hybrid / 32GB Corsair LPX 3200mhz / Samsung 850Pro 256GB / Corsair AX1200 / Window 10 Pro
    Fire Strike                        24,163
    Fire  Strike Extreme        14,452 
    Fire Strike Ultra                7,711 
    Time Spy                        10,357

    #6
    EVGATech_LeeM
    EVGA Forum Moderator
    • Total Posts : 1581
    • Reward points : 0
    • Joined: 2016/11/04 14:43:35
    • Location: Brea, CA
    • Status: online
    • Ribbons : 14
    Re: Intel Management Engine Vulnerability 2017/12/05 13:02:27 (permalink)
    As an update, we plan to roll out BIOS updates for the following motherboard/laptop chipsets over the next month to address this specific issue:
     
    In no particular order:
    • X299
      • E299 EVGA X299 Dark
      • E297 EVGA X299 FTW K
      • E295 EVGA X299 Micro ATX
    • Z370
      • E379 EVGA Z370 Classified K
      • E377 EVGA Z370 FTW
      • E375 EVGA Z370 Micro ATX
    • Z270
      • E279 EVGA Z270 Classified K
      • E277 EVGA Z270 FTW K
      • E272 EVGA Z270 Stinger
    • Z170
      • E179 EVGA Z170 Classified 4-Way
      • E178 EVGA Z170 Classified K
      • E177 EVGA Z170 FTW
      • E172 EVGA Z170 Stinger
    • Notebooks:
      • SC17 980M
      • SC17 1080 4KG
      • SC17 1070
      • SC17 1070 4KG
      • SC15 1060G
     
    Please note that by providing a BIOS update, this does not mean that you are necessarily in any imminent danger from the reported vulnerability.  However, we will encourage you to update your motherboard BIOSes when these are available.
    #7
    rsabatino
    SSC Member
    • Total Posts : 977
    • Reward points : 0
    • Joined: 2010/02/04 14:00:46
    • Location: new jersey usa
    • Status: offline
    • Ribbons : 4
    Re: Intel Management Engine Vulnerability 2017/12/05 13:51:14 (permalink)
    HeavyHemi
    rsabatino
    even with the update it says my system is vulnerable .


    Did you check and see if there is a newer IME version for your chipset? Seriously EVGA should be updating this. I've updated my X99 to the latest and it's good to go.
    You should find what you need here if you're comfortable updating yourself.
    https://www.win-raid.com/...-amp-System-Tools.html


    yes. I got the update from evga.
    #8
    rsabatino
    SSC Member
    • Total Posts : 977
    • Reward points : 0
    • Joined: 2010/02/04 14:00:46
    • Location: new jersey usa
    • Status: offline
    • Ribbons : 4
    Re: Intel Management Engine Vulnerability 2017/12/05 13:52:14 (permalink)
    EVGATech_LeeM
    As an update, we plan to roll out BIOS updates for the following motherboard/laptop chipsets over the next month to address this specific issue:
     
    In no particular order:
    • X299
      • E299 EVGA X299 Dark
      • E297 EVGA X299 FTW K
      • E295 EVGA X299 Micro ATX
    • Z370
      • E379 EVGA Z370 Classified K
      • E377 EVGA Z370 FTW
      • E375 EVGA Z370 Micro ATX
    • Z270
      • E279 EVGA Z270 Classified K
      • E277 EVGA Z270 FTW K
      • E272 EVGA Z270 Stinger
    • Z170
      • E179 EVGA Z170 Classified 4-Way
      • E178 EVGA Z170 Classified K
      • E177 EVGA Z170 FTW
      • E172 EVGA Z170 Stinger
    • Notebooks:
      • SC17 980M
      • SC17 1080 4KG
      • SC17 1070
      • SC17 1070 4KG
      • SC15 1060G
     
    Please note that by providing a BIOS update, this does not mean that you are necessarily in any imminent danger from the reported vulnerability.  However, we will encourage you to update your motherboard BIOSes when these are available.


    thanks I cant wait I'm so excited.
    #9
    orcaman98
    New Member
    • Total Posts : 2
    • Reward points : 0
    • Joined: 2010/02/06 20:24:55
    • Status: offline
    • Ribbons : 0
    Re: Intel Management Engine Vulnerability 2018/07/26 04:40:57 (permalink)
    Can anyone tell me if the X58 is vulnerable or if an update is planned? The tool tells me it gets an invalid response and can't determine if my system is vulnerable or not. My part number is 132-GT-E736.
    #10
    mike406
    SSC Member
    • Total Posts : 936
    • Reward points : 0
    • Joined: 2015/02/21 18:17:33
    • Status: offline
    • Ribbons : 13
    Re: Intel Management Engine Vulnerability 2018/07/26 19:40:44 (permalink)
    orcaman98
    Can anyone tell me if the X58 is vulnerable or if an update is planned? The tool tells me it gets an invalid response and can't determine if my system is vulnerable or not. My part number is 132-GT-E736.




    X58 is not vulnerable.

              Associate Code: 6KIMUJ06W8WFDR5 (5-10% off your purchase)            |            Affiliate Code: FIX0GZW4CY (Use with product registration)
     

    #11
    orcaman98
    New Member
    • Total Posts : 2
    • Reward points : 0
    • Joined: 2010/02/06 20:24:55
    • Status: offline
    • Ribbons : 0
    Re: Intel Management Engine Vulnerability 2018/07/27 05:17:50 (permalink)
    Thanks!
    #12
    Jump to:
  • Back to Mobile