Gigabyte starts to roll out updates to address Intel’s ME and TXE vulnerabilities
While Intel’s use of this OS was completely legal, the creator of the OS, Professor Andrew Tanenbaum, was unaware that Intel had used his OS so widely and is concerned about the security implications of using an OS that was never designed for that use case. Professor Tanenbaum’s open letter to Intel can be read here.

Gigabyte has now stated that they have started rolling out new BIOS files for Z370 and 200-series motherboards that include these fixes, with patches for other affected motherboards coming soon.
In response to issues identified by external researchers, Intel has performed an in-depth comprehensive security review of its Intel® Management Engine (ME), Intel® Trusted Execution Engine (TXE), and Intel® Server Platform Services (SPS) with the objective of enhancing firmware resilience.
As a result, Intel has identified several security vulnerabilities that could potentially place impacted platforms at risk. Systems using ME Firmware versions 11.0/11.5/11.6/11.7/11.10/11.20, SPS Firmware version 4.0, and TXE version 3.0 are impacted.
Affected products:
– 6th, 7th & 8th Generation Intel® Core™ Processor Family
– Intel® Xeon® Processor E3-1200 v5 & v6 Product Family
– Intel® Xeon® Processor Scalable Family
– Intel® Xeon® Processor W Family
– Intel® Atom® C3000 Processor Family
– Apollo Lake Intel® Atom Processor E3900 series
– Apollo Lake Intel® Pentium™
– Celeron™ N and J series Processors
Based on the items identified through the comprehensive security review, an attacker could gain unauthorized access to platform, Intel® ME feature, and 3rd party secrets protected by the Intel® Management Engine (ME), Intel® Server Platform Service (SPS), or Intel® Trusted Execution Engine (TXE). This includes scenarios where a successful attacker could:
– Impersonate the ME/SPS/TXE, thereby impacting local security feature attestation validity.
– Load and execute arbitrary code outside the visibility of the user and operating system.
– Cause a system crash or system instability.
Intel has now released a tool that can detect whether or not your system is vulnerable to these exploits. This tool is available for both Windows and Linux and can be downloaded here.
Gigabyte will be delivering new BIOS files and driver updates for affected products on their website, though it is expected to take some time before all affected products have been patched with this vital security update.
You can join the discussion on Gigabyte’s new BIOS security updates on the OC3D Forums.