Intel Releases Linux-Compatible Tool For Confirming ME Vulnerabilities
Intel's SA-00086 Detection Tool has Linux support and will confirm whether your system is vulnerable to the recently published Management Engine (ME) security issues.
While Intel ME security issues have been talked about for months, confirming fears that have been present about it for years, this week Intel published the SA-00086 security advisory following their own internal review of ME/TXE/SPS components. The impact is someone could crash or cause instability issues, load and execute arbitrary code outside the visibility of the user and operating system, and other possible issues.
Most systems with Intel ME are impacted, but if in doubt, there is a new binary utility from Intel for both Windows and Linux to check your system's state. The Linux version is a command-line tool written in Python and does depend upon two binary-only modules.
The tool can be found from the Intel Download Center. From there you need updated system firmware or to try an approach like Intel ME_Cleaner to try to disable ME and friends.
While Intel ME security issues have been talked about for months, confirming fears that have been present about it for years, this week Intel published the SA-00086 security advisory following their own internal review of ME/TXE/SPS components. The impact is someone could crash or cause instability issues, load and execute arbitrary code outside the visibility of the user and operating system, and other possible issues.
Most systems with Intel ME are impacted, but if in doubt, there is a new binary utility from Intel for both Windows and Linux to check your system's state. The Linux version is a command-line tool written in Python and does depend upon two binary-only modules.
The tool can be found from the Intel Download Center. From there you need updated system firmware or to try an approach like Intel ME_Cleaner to try to disable ME and friends.
48 Comments