5 Replies Latest reply on Nov 27, 2017 8:21 AM by Intel Corporation

    Question about ME/SPS/TXE vulnerability detection tool

    raysatiro

      I read of the Q3 vulnerability notice on ME/SPS/TXE. It links to a vulnerability detection tool that is supposed to scan for vulnerabilities. I just ran it on a desktop computer and it says "Detection Error: This system may be vulnerable, please install the Intel(R) MEI/TXEI driver (available from your system manufacturer)." Why can't you tell me if a system is vulnerable without the driver? A lot of the systems I'm responsible for are old, should I really be seeking out those drivers just to find out if the systems are vulnerable? Aren't these problems specific to certain chips?

       

      edit: WIRED article about the vulnerabilities:

      https://www.wired.com/story/intel-management-engine-vulnerabilities-pcs-servers-iot/