Intel Management Engine flaw – Cube I7 Book is vulnerable

[Bob D]

Hi,

In case you might not know. There is Intel Management Engine, a PC management layer designed by Intel and located below the operating system.
Due to it’s bugs, it is possible to infect the machine in the way, rootkit will remain undiscoverable for any typical AV software. Simple hdd reimagining or reinstallation will never fix the problem.

List of platforms affected (might be incomplete):

• Intel Core 6, 7, 8 gen
• Intel Xeon E3-1200 v5 and v6
• Intel Xeon Scalable
• Intel Xeon W
• Intel Atom C3000
• Intel Atom E3900 (Apollo Lake)
• Intel Pentium (Apollo Lake)
• Celeron N and J series.

For more information you can refer to Intel’s bulletin:
https://www.intel.com/content/www/us/en/support/articles/000025619/software.html

Then you might run “am I vulnerable?” software:
https://downloadcenter.intel.com/download/27150

And yes, Cube I7 Book is vulnerable. See picture attached to the post.

It is said PC vendors are supposed to deliver fixes and not the Intel itself.
I wonder if we will get anything from Cube or tablet will just stay vulnerable for ever?

 

Attachments:

You must be logged in to view attached files.

[Frank Siegert]

Yes, its sad that Cube is so silent abou this issue.

This is a major flaw rendering the I7 Book and i9 (in fact any Skylake/Kabylake based systems) almost useless to handle important information as they cannot be trusted anymore.

C’mon Cube, is it so hard to give a statement regarding this bug and a timeline for an bios update? Show us customers some respect!

 

 

 

 

 

[Author]

Posts