Intel Management Engine vulnerability

I readed a article and got know that intel cpu has vulnerability, So Intel has provide a Tool to check is the system is still vulnerable or not, and the vulnerability still on my laptop even it's BIOS is updated. Please Help. :zipper_mouth_face:
Intel Article Link: Intel® Management Engine Critical Firmware Update (Intel-SA-00086)
Screenshot:

Here's the thing, its actually common knowledge that there are CPU vulnerabilities called Spectre And Meltdown. Information about these vulnerabilities was released like back in 2018.

Supposedly the new processors were supposed to be patched, and thus fixed from having said vulnerabilities. However, recent studies have shown, that these vulnerabilities are still present in modern day CPU's.

Reality is, if your behind a router, then that means your behind a NAT, which stand for Network Addressed Translation, in lamens terms, its a hardware based firewall. If your behind a hardware firewall, you are safe from 99% of all hacks.

If you up the anti, and setup a software firewall on your computer, then you have further protection still. But depending on your use cases, the CPU hardware based vulnerabilities may not even matter.

For most where those vulnerabilities matter, is big tech corporations, laboratories, NASA, government. If you are some nobody in some house somewhere, using the net to chat with your friends, watch Youtube videos, no hacker is gonna give a toot about you.

So don't let all this hype news as I call it, scare you. One of the things that tech news loves to do, is hype scare you in all this vulnerability stuff. It is true, you want to be safe, you don't want to be an utter dummy surfing the net blindly.

But IMO, thats usually Windows users who don't know the difference between a cd drive and a floppy drive. There the ones getting oodles of virus's on their computers, getting cyber attacked every which way to sunday.

Oh yeah, before I forget, I will leave you with this as well. Just being on Linux alone, is many times safer then being on Windows. Most virus's, and most hackers, are only interested in what they can get out of the Windows users.

Most of the ransomewhere attacks, are targeted towards Windows users as well. Then you also got Android for phone users, and IOS for Apple phone users that often get targeted too.

Hopefully that was some solid food for thought, and helped to bring down your fears a few notches.

1 Like

Yeah i know any system is not fully secured if the user vulnerable. But thing is that i'm tech enthusiastic also security concerned, So love to research about it.

So, it's a vulnerability it should get fixed, I believed that even there is 0.1% chance there is million of user.

Hence, I already mailed Asus let's see

Its possible that Asus can offer a bio's patch. But be warned, you always want to have a backup of your bio's before ever flashing an update. Cause if the bio's update goes south, your going to need a method to fix it.

But thats a big giant if, cause we have no idea what Asus may say in response. They might say, there is nothing we can do sorry. They might say, were working with Intel to come up with a fix. Or they might say, were going to issue a bio's update to fix.

I am glad that you understand the truth without the tech news hype.

1 Like

To run:
Download the tar.gz package and extract it.

Open a terminal in the extracted directory or cd into it.

Some users may need to install python3 first;

sudo apt-get install python-is-python3

Then

./intel_csme_version_detection_tool


Some manufacturers allow the user to disable either me subsystem or Intel AMT control or csme in the BIOS settings. Doing so should be as effective as applying a firmware patch and it is highly recommended to do so.

1 Like

If anyone concern like me please report to Asus security@asus.com or other brand too.

AFIK spectre-meltdown has been addressed on Linux, but check with the following script.GitHub - speed47/spectre-meltdown-checker: Spectre, Meltdown, Foreshadow, Fallout, RIDL, ZombieLoad vulnerability/mitigation checker for Linux & BSD

Interesting only Linux operative system supported. Linux King od Kinga.