Laptops General - Read Only

Last reply by 05-08-2017 Unsolved
Start a Discussion
2 Bronze
2 Bronze
21691

General: BIOS updates due to Intel AMT IME vulnerability

Dear Support-Team,

being owner of an Dell XPS 15 9530 and having read about the latest security vulnerability which describes "an escalation of privilege vulnerability in Intel® Active Management Technology (AMT), Intel® Standard Manageability (ISM), and Intel® Small Business Technology versions firmware versions 6.x, 7.x, 8.x 9.x, 10.x, 11.0, 11.5, and 11.6" I really would appreciate getting a firmware update for my computer asap.

According to the article the corresponding information was sent to all hardware manufacturersbeforehand. See security-center.intel.com/advisory.aspx for reference.

Having several other DELL computers in our household Vostro 3549, Inspiron 5521, Inspiron 3531 as well, will you generally take on this as other models are affacted also?

Kind regards,

Bjoern

Replies (5)
Community Manager
9331

None of your older systems have the vPro CPU so this doesn't apply to you.
Vostro 3549 release date 7/10/2014
Inspiron 15-3531 release date 5/28/2014
XPS 15-9530 release date 10/29/2013
Inspiron 15R-5521 release date 12/20/2012

* Dell Client Statement on Intel AMT Advisory (INTEL-SA-00075)

* Open the White paper, then the PDF to see system list

If still under warranty, click the "Get help now" icon on the right to start a live chat session.
Find your Service Tag


3 Zinc
9330

How safe it is to use the Intel Driver Update utility? Will it suggest newer Intel drivers which are not checked by Dell? Mind there is a history of issues particularly with Intel HD video rivers (flicker etc). Unfortunately, latest official drivers at Dell support site were often not good, but the latest drivers from Intel were ocassionally not good either. The problem is that the recent Windows versions seem to force the latest official Dell driver version via Windows Update, and other driver versions get overdriven, unless using blocking with WUShowHide or such. Therefore it is important that Dell handles this.

I guess the issue is more widespread than what the above response suggests. Following the vPro detection instructions at: communities.intel.com/.../DOC-5693 I found the "Intel Management & Security Application User Notification Service" running on my XPS 15 9550. The ME option is present in BIOS, but I have not enabled it. I believe this makes the vulnerability exploitable locally - malware must firstly get into the system by other means, but if it does, no antivirus will be able to detect it and do away with it. AFAIK, the Management engine is present in every recent Intel processor since 2008. So it is extremely important for Dell to react.

In addition, I have the Intel 8260 wifi card, which supposedly supports vPro, making it susceptible for a remote exploit.

I would kindly ask you to specify which drivers are related and which versions are safe, particularly among:

- BIOS

- Intel(R) Management Engine Components Installer

 www.dell.com/.../DriversDetails

- Intel® vPro™ Out of Band

 www.dell.com/.../DriversDetails

- Wifi driver for Intel cards

 www.dell.com/.../DriversDetails

3 Zinc
9330

Update: output of Intel-SA-00075 Discovery Tool says: the System is VULNERABLE

And that I should contact my OEM!!!!

Sorry copy/paste doesn't work for a full report

XPS 15 9550

ME version: 11.0.18.1002

SKU: Consumer

State: Not Provisioned

Driver installation found: True

EHBC Enabled: False

LMS service state: Running

microLMS service state: NotPresent

Community Manager
9330

We are not going to address those systems you have because they are not on the list. I have used the Intel utility on all of my systems. I trust it. Let it install the drivers it needs.

If still under warranty, click the "Get help now" icon on the right to start a live chat session.
Find your Service Tag


Community Manager
9330

Update 5/8, Dell released a PDF that shows which systems were effected. None of your systems are on the list.

OptiPlex
780/790/990/XE2/5040/5050/5250/7010/7040/7050/7440AIO/7450/9010AIO/9010/9020 AIO/9020M/9020/9030

Latitude 5175/5179/5280/5285/5289/5404/5414/5480/5580/7140/7202/7204/7214/7275/7280/7350/7370/7380/7404/7414/7480/XT3
E4240/E4310/E5250/E5270/E5430/E5440/E5450/E5470/E5530/E5540/E5550/E5570/E6220/E6320/E6230/E6330/E6410/E6410ATG/E6420/E6420ATG/E6420XFR/E6430ATG/E6430S/E6430U/E6440/E6440ATG/E6510/E6520/E6530/E6540/E7240/E7250/E7270/E7450/E7470

Precision
3510/3520/3620/3420/5510/5720AIO/5520/7510/7520/7710/7720

T1600/T1650/T1700/T3600/T3600XL/T3610/T5600/T5600XL/T5610/T5810/R7610/T7600/T7610/T7810/T7910
M2800/M4500/M4600/M4700/M4800/M6600/M6700/M6800

XPS
9343/9350/9360/9365

Wyse 7040

Venue 11 Pro 7130

If still under warranty, click the "Get help now" icon on the right to start a live chat session.
Find your Service Tag


Latest Solutions
Top Contributor