Elkmar wrote:
I think that problem is not SA-00086 🙂
Thank you, thank you, @Elkmar sir! I'll look into this later this evening, first chance I get. I fired up my laptop (
HP Spectre x360, from 2017) to verify and that said
"This system has been patched"
- HP Spectre x360 - 15-bl112dx
- Intel Core i7-8550U (1.8 GHz base frequency, up to 4 GHz with Intel Turbo Boost Technology, 8 MB cache, 4 cores)
- 16 GB DDR4-2133 SDRAM (2 x 8 GB)
- NVIDIA GeForce MX150 (2 GB GDDR5 dedicated)
- 512 GB PCIe NVMe M.2 SSD
Not sure exactly what motherboard it has, but i've gotten a recent BIOS / firmware patch directly from HP, which seems to have resolved the issue, however I'm struggling to patch this on my desktop.
EDIT: Currently running IMEI firmware version: 1910.13.0.1060 from March 4, 2019. -- so this is something we can directly download from Intel's website? I was skeptical of using the mega download link location, prefer to use official sources when possible. This tool, suggests we can only get these from our motherboard manufacturers?
>>
https://www.intel.com/content/www/us/en/support/articles/000025619/software.htmlFrequently asked questions:​Q:
The Intel CSME Version Detection Tool reports that my system is vulnerable. What do I do?A:
Intel has provided system and motherboard manufacturers with the necessary firmware and software updates to resolve the vulnerabilities identified in Security Advisory Intel-SA-00086.Contact your system or motherboard manufacturer regarding their plans for making the updates available to end users.
Some manufacturers have provided Intel with a direct link for their customers to obtain additional information and available software updates (Refer to the list below).
Q:
Why do I need to contact my system or motherboard manufacturer? Why can’t Intel provide the necessary update for my system?A:
Intel is unable to provide a generic update due to management engine firmware customizations performed by system and motherboard manufacturers.