2 Replies Latest reply on Nov 12, 2017 8:01 AM by georg69

    huge vulnerability for ME Firmware: 10.0.45.1024 on NUC5

    georg69

      I'd need an information:

       

      why NUC5i5RYH bios has  ME Firmware: 10.0.45.1024 and not , for example, at least , ME Firmware: 10.0.55.3000 like in pretty much "identical"  NUC5i5MYBE,which already has the fix with ME Firmware: 10.0.55.3000?

       

       

      is ME Firmware: 10.0.45.1024 vulnerable to:

      https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00075&languageid=en-fr  ?

       

       

      can you reassure me , about it?

      and is intel going to fix this in a next bios delivery?

       

       

      thanks

        • 1. Re: huge vulnerability for ME Firmware: 10.0.45.1024 on NUC5
          N.Scott.Pearson

          There are two versions of the firmware. First, there is the "Consumer" version, which is used in most (non-VPro) systems. This is the smaller (1.5MB) firmware. The other version of the firmware is the "Client" version, which is used in VPro systems. VPro systems have the "Q" version of the chipset (Q77, Q87, etc.). Since it also includes the Intel Active Management (AMT) software stack, this version of the firmware is much larger (5MB).

           

          The firmware that contained the vulnerabilities was the latter, "Client" version. Only those boards that contain this firmware required an update. The bulk of the systems, namely those with the "Consumer" firmware, are NOT affected by (i.e. do not contain) the vulnerabilities.

           

          Hope this explains it clearly,

          ...Sp

          1 of 1 people found this helpful
          • 2. Re: huge vulnerability for ME Firmware: 10.0.45.1024 on NUC5
            georg69

            crystal clear!

             

            many thanks, scott