Intel Management Engine(ME) 취약점 관련

어라.. 툴 돌려 보니...

취약한 상태는 아니라고 하나.. 4세대 하스웰에도 ME가 내장되어 있었나 보네?

어헉? ME(Management Engine) Interface?

---

일단 조사중..

[링크 : http://v.media.daum.net/v/20171128153806340]

읭? 6세대 이후 core i 시리즈도 포함인가?

기존에는 vPRO 라고 엔터프라이즈 제품에만 적용했었는데?

Intel Atom - C3000 family Intel Atom - Apollo Lake E3900 series Intel Celeron - N and J series Intel Core (i3, i5, i7, i9) - 6th, 7th and 8th generation (6xxx-8xxx) Intel Pentium - Apollo Lake Intel Xeon - E3-1200 v5 and v6 product family Intel Xeon - Scalable family Intel Xeon - W family

[링크 : https://en.wikipedia.org/wiki/Intel_Management_Engine]

In response to issues identified by external researchers, Intel has performed an in-depth comprehensive security review of its Intel® Management Engine (ME), Intel® Trusted Execution Engine (TXE), and Intel® Server Platform Services (SPS) with the objective of enhancing firmware resilience. As a result, Intel has identified several security vulnerabilities that could potentially place impacted platforms at risk. Systems using ME Firmware versions 11.0/11.5/11.6/11.7/11.10/11.20, SPS Firmware version 4.0, and TXE version 3.0 are impacted.

취약점 설명

[링크 : https://security-center.intel.com/advisory.aspx?intelid=intel-sa-00086&languageid=en-fr]

검사용 툴 다운로드

[링크 : https://downloadcenter.intel.com/download/27150]

Intel® Management Engine Critical Firmware Update (Intel SA-00086)

[링크 : https://www.intel.com/content/www/us/en/support/articles/000025619/software.html]

+

vPro는 AMT, TXT 등을 포함하는 마켓팅 용어?

Intel vPro technology is an umbrella marketing term used by Intel for a large collection of computer hardware technologies, including Hyperthreading, Turbo Boost 3.0, VT-x, VT-d, Trusted Execution Technology (TXT), and Intel Active Management Technology (AMT).

[링크 : https://en.wikipedia.org/wiki/Intel_vPro]

ME는 하드웨어 이고 AMT는 하드웨어를 운영하여 관리하는 상위 레벨의 개념이고

vPro는 AMT,TXT등을 포함하는 마켓팅 용어라고 범위를 이해하면 될 듯?

[링크 : https://en.wikipedia.org/wiki/Intel_Management_Engine]

[링크 : https://en.wikipedia.org/wiki/Intel_Active_Management_Technology]

SMM / ring -2

[링크 : https://en.wikipedia.org/wiki/System_Management_Mode]

[링크 : https://en.wikipedia.org/wiki/Protection_ring]

+

Disabling Intel AMT on Windows (and a simpler CVE-2017-5689 Mitigation Guide)

[링크 : https://mattermedia.com/blog/disabling-intel-amt/]

INTEL-SA-00075 Detection and Mitigation Tool

[링크 : https://downloadcenter.intel.com/download/26755?v=t]

에어맨이냐.. BIOS에서 꺼도 안꺼지다니 -_-

[링크 : https://software.intel.com/en-us/forums/intel-business-client-software-development/topic/563988]

+

어어어어엌?! 내 2710p 는 구버전이긴한데 흐음.. 얘는 영향이 없으려나?

[링크 : http://h10032.www1.hp.com/ctg/Manual/c02958196]