1 Reply Latest reply on May 17, 2017 4:24 PM by michael_a_intel

    Intel AMT Firmware drivers vulnerability issue

    MartinKaldramov

      Hello guys,

      I want to confirm if a machine has the Firmware driver that is considered vulnerable (X.X.XX.1XXX) and a MEI (Intel Management Engine Components Driver) driver installed,

      is it still considered vulnerable to the local security issue and does step 2 from the mitigation guide(disabling/removing the LMS service) still needs to be followed?

      Also is the Intel management and security application local management service (LMS) installed with the MEI drivers? And if removed would the MEI drivers need to be reinstalled?

      Thank you.

        • 1. Re: Intel AMT Firmware drivers vulnerability issue
          michael_a_intel

          MartinKaldramov

           

          Thank you for your query.  For more details on the security vulnerability, you can refer to the security advisory here:

          https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00075&languageid=en-fr

           

          Breaking down your questions:

          I want to confirm if a machine has the Firmware driver that is considered vulnerable (X.X.XX.1XXX) and a MEI (Intel Management Engine Components Driver) driver installed,

          is it still considered vulnerable to the local security issue?

           

          Take the following steps to mitigate the risk of your systems being compromised:

          1.  Unprovisioned your system using the /full flag through ACUConfig.exe

          2.  Patched your system with the updated firmware fix

           

          and does step 2 from the mitigation guide(disabling/removing the LMS service) still needs to be followed?

          All the steps need to be followed in the mitigation guide.

           

          Also is the Intel management and security application local management service (LMS) installed with the MEI drivers?

          Yes

           

          And if removed would the MEI drivers need to be reinstalled?

          Yes