Intel vPro® Platform
Intel Manageability Forum for Intel® EMA, AMT, SCS & Manageability Commander
2827 Discussions

Question about ME/SPS/TXE vulnerability detection tool

RSati
Beginner
2,790 Views

I read of the Q3 vulnerability https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00086&languageid=en-fr notice on ME/SPS/TXE. It links to a https://www.intel.com/content/www/us/en/support/articles/000025619/software.html vulnerability detection tool that is supposed to scan for vulnerabilities. I just ran it on a desktop computer and it says "Detection Error: This system may be vulnerable, please install the Intel(R) MEI/TXEI driver (available from your system manufacturer)." Why can't you tell me if a system is vulnerable without the driver? A lot of the systems I'm responsible for are old, should I really be seeking out those drivers just to find out if the systems are vulnerable? Aren't these problems specific to certain chips?

edit: WIRED article about the vulnerabilities:

https://www.wired.com/story/intel-management-engine-vulnerabilities-pcs-servers-iot/
0 Kudos
5 Replies
idata
Employee
1,356 Views

Hi,

 

 

Unfortunately, the detection tool does require the MEI or TXEI drivers to properly determine the current version of the management engine firmware on a given system.

 

 

if you know the models of the systems in your environment, then you can check with the system manufacturer to determine if they are vulnerable.

 

 

We have a set of links to system manufacturer support pages for this issue at https://www.intel.com/sa-00086-support. We are updating our list as new information is made available to us.

 

 

Hope this helps.
0 Kudos
RSati
Beginner
1,356 Views

Ok. If possible I think you should include some generic driver in the tool that is temporarily loaded in order to complete the check. It seems like more work for me to have to seek out these drivers for the computers.

0 Kudos
idata
Employee
1,356 Views

Thanks Raysatiro.

 

 

Could you test something for me? Try running our SA-00075 Detection tool. It 'might' install the necessary drivers. The tool is at https://downloadcenter.intel.com/download/26755/INTEL-SA-00075-Detection-and-Mitigation-Tool

 

0 Kudos
RSati
Beginner
1,356 Views

It says:

Based on the analysis performed by this tool, the tool was unable to detect ME or SMBIOS information to assess vulnerability.

Explanation:

The tool did not receive a valid response when requesting hardware inventory data from your computer. Please contact your system manufacturer for assistance in determining the vulnerability of this system.

edit: I should note I only tried it on one, if you need more I can't do it until next week.

0 Kudos
idata
Employee
1,356 Views

Thanks for testing that. The SA-00075 installs some of the components necessary to communicate with the ME, I hoped it would help but obviously it didn't.

 

 

At this point, you will need to install the ME driver or just wait for the next BIOS or firmware update for your systems.

 

 

ME drivers are available from the system manufacturer.
0 Kudos
Reply