어라.. 툴 돌려 보니...

취약한 상태는 아니라고 하나.. 4세대 하스웰에도 ME가 내장되어 있었나 보네?


어헉? ME(Management Engine) Interface?


---

일단 조사중..


[링크 : http://v.media.daum.net/v/20171128153806340]


읭? 6세대 이후 core i 시리즈도 포함인가?

기존에는 vPRO 라고 엔터프라이즈 제품에만 적용했었는데?

  • Intel Atom - C3000 family
  • Intel Atom - Apollo Lake E3900 series
  • Intel Celeron - N and J series
  • Intel Core (i3, i5, i7, i9) - 6th, 7th and 8th generation (6xxx-8xxx)
  • Intel Pentium - Apollo Lake
  • Intel Xeon - E3-1200 v5 and v6 product family
  • Intel Xeon - Scalable family
  • Intel Xeon - W family

[링크 : https://en.wikipedia.org/wiki/Intel_Management_Engine]


In response to issues identified by external researchers, Intel has performed an in-depth comprehensive security review of its Intel® Management Engine (ME), Intel® Trusted Execution Engine (TXE), and Intel® Server Platform Services (SPS) with the objective of enhancing firmware resilience.


As a result, Intel has identified several security vulnerabilities that could potentially place impacted platforms at risk. Systems using ME Firmware versions 11.0/11.5/11.6/11.7/11.10/11.20, SPS Firmware version 4.0, and TXE version 3.0 are impacted. 

취약점 설명

[링크 : https://security-center.intel.com/advisory.aspx?intelid=intel-sa-00086&languageid=en-fr]


검사용 툴 다운로드

[링크 : https://downloadcenter.intel.com/download/27150]


Intel® Management Engine Critical Firmware Update (Intel SA-00086)

[링크 : https://www.intel.com/content/www/us/en/support/articles/000025619/software.html]



+

vPro는 AMT, TXT 등을 포함하는 마켓팅 용어?

Intel vPro technology is an umbrella marketing term used by Intel for a large collection of computer hardware technologies, including HyperthreadingTurbo Boost 3.0, VT-xVT-dTrusted Execution Technology (TXT), and Intel Active Management Technology (AMT). 

[링크 : https://en.wikipedia.org/wiki/Intel_vPro]


ME는 하드웨어 이고 AMT는 하드웨어를 운영하여 관리하는 상위 레벨의 개념이고

vPro는 AMT,TXT등을 포함하는 마켓팅 용어라고 범위를 이해하면 될 듯?

[링크 : https://en.wikipedia.org/wiki/Intel_Management_Engine]

[링크 : https://en.wikipedia.org/wiki/Intel_Active_Management_Technology]


SMM / ring -2

[링크 : https://en.wikipedia.org/wiki/System_Management_Mode]

[링크 : https://en.wikipedia.org/wiki/Protection_ring]



+

Disabling Intel AMT on Windows (and a simpler CVE-2017-5689 Mitigation Guide)

[링크 : https://mattermedia.com/blog/disabling-intel-amt/]

INTEL-SA-00075 Detection and Mitigation Tool

[링크 : https://downloadcenter.intel.com/download/26755?v=t]


에어맨이냐.. BIOS에서 꺼도 안꺼지다니 -_-

[링크 : https://software.intel.com/en-us/forums/intel-business-client-software-development/topic/563988]



+

어어어어엌?! 내 2710p 는 구버전이긴한데 흐음.. 얘는 영향이 없으려나?


[링크 : http://h10032.www1.hp.com/ctg/Manual/c02958196]

Posted by 구차니

댓글을 달아 주세요