Intel® Management Engine Critical Firmware Update (Intel SA-00086)

Intel® Management Engine (Intel® ME 11.0.0-11.7.0), Intel® Trusted Execution Engine (Intel® TXE 3.0), and Intel® Server Platform Services (Intel® SPS 4.0) vulnerability (Intel-SA-00086)

In response to issues identified by external researchers, Intel has performed an in-depth comprehensive security review of the following with the objective of enhancing firmware resilience:

Intel® Management Engine (Intel® ME)

Intel® Trusted Execution Engine (Intel® TXE)

Intel® Server Platform Services (SPS)

Intel has identified security vulnerabilities that could potentially impact certain PCs, servers, and IoT platforms.

Systems using Intel ME Firmware versions 11.0.0 through 11.7.0, SPS Firmware version 4.0, and TXE version 3.0 are impacted. You may find these firmware versions on certain processors from the:

6th, 7th, and 8th generation Intel® Core™ Processor Family:

Intel® Xeon® Processor E3-1200 v5 and v6 Product Family

Intel® Xeon® Processor Scalable Family

Intel® Xeon® Processor W Family

Intel Atom® C3000 Processor Family

Apollo Lake Intel Atom® Processor E3900 series

Apollo Lake Intel® Pentium® Processors

Intel® Celeron® N and J series Processors

To determine if the identified vulnerabilities impact your system, download and run the Intel-SA-00086 Detection tool using the links below.

Contact your system manufacturer to obtain updates for impacted systems.

Available resources

Intel official security advisory: Technical details on the vulnerability

Resources for Microsoft and Linux* users

Intel-SA-00086 Detection Tool

Resources from system manufacturers

---------------------------------------------------------

공격자가 해당 CPU를 탑재한 컴퓨터에 접근해 문제의 취약점을 악용하면 원하는 코드를 실행해 시스템 제어권을 빼앗고 정보를 빼돌리거나 망가뜨리거나 조작할 우려가 있다.

--------------------------------

보안 패치해야할것 같네요

ME 펌웨어 업데이트  파일은  제조사에서 받아야서 업그레이드 하면  될것 같습니다

내용추가

3시에 네이버 뉴스란에 내용 올라왔습니다.