
In response to issues identified by external researchers, Intel has performed an in-depth comprehensive security review of our Intel® Management Engine (ME), Intel® Server Platform Services (SPS), and Intel® Trusted Execution Engine (TXE) with the objective of enhancing firmware resilience.

As a result, on 20 November 2017 Intel identified security vulnerabilities that could place impacted platforms at risk.


The Intel Management Engine (ME), also known as the Manageability Engine, is an autonomous subsystem that has been incorporated in virtually all of Intel’s processor chipsets since 2008. The Management Engine is often confused with Intel AMT. AMT is built on top of the ME, but is only available on processors with vPro. AMT gives owners remote administration of their computer, such as turning it on or off and reinstalling the operating system. The ME itself, however, is built into all Intel chipsets since 2008, not only those with AMT. While AMT can be unprovisioned by the owner, there is no official, documented way to disable the ME.

The review identified several security vulnerabilities in these components. Systems using ME Firmware versions 6.x, 7.x, 8.x, 9.x, 10.x, 11.0, 11.5, 11.6, 11.7, 11.10 and 11.20, SPS Firmware version 4.0, and TXE version 3.0 are impacted.

Affected products:

  • 1st, 2nd, 3rd, 4th, 5th, 6th, 7th & 8th Generation Intel® Core™ Processor Family
  • Intel® Xeon® Processor E3-1200 v5 & v6 Product Family
  • Intel® Xeon® Processor Scalable Family
  • Intel® Xeon® Processor W Family
  • Intel® Pentium® Processor G Series
  • Intel® Atom® C3000 Processor Family
  • Apollo Lake Intel® Atom Processor E3900 series
  • Apollo Lake Intel® Pentium™
  • Celeron™ G, N and J series Processors

Based on the items identified through the comprehensive security review, an attacker could gain unauthorized access to platform secrets, Intel® ME feature secrets, and third-party secrets protected by the Intel® Management Engine (ME), Intel® Server Platform Services (SPS), or Intel® Trusted Execution Engine (TXE).

This includes scenarios where a successful attacker could:

  • Impersonate the ME/SPS/TXE, thereby impacting local security feature attestation validity.
  • Load and execute arbitrary code outside the visibility of the user and operating system.
  • Cause a system crash or system instability.

More detailed information can be found in the Intel Security Advisory at https://securitycenter.intel.com/advisory.aspx?intelid=INTEL-SA-00086&languageid=en-fr.

In most cases a firmware or BIOS update from the system vendor resolves the issue, but note that the new Skylake-based processors are affected as well, which means new servers may remain exposed until an update is provided.
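Before chasing vendor updates it helps to know which hosts even run a firmware family on the list above. The following triage script is an added example, not part of the original post or an Intel tool: it parses ME/SPS/TXE version strings (the inventory lines are constructed samples with made-up version numbers) and flags the major.minor families named in INTEL-SA-00086. Because the post gives no fixed-build numbers, an "affected family" verdict only means the full version must still be compared against the vendor's fixed build.

```python
import re

# Affected firmware families as listed in INTEL-SA-00086 (from the post above).
# "x" means every minor version of that major is on the list.
AFFECTED = {
    "ME":  {6: "x", 7: "x", 8: "x", 9: "x", 10: "x", 11: {0, 5, 6, 7, 10, 20}},
    "SPS": {4: {0}},
    "TXE": {3: {0}},
}

# Accepts "ME 11.6.1.1000", "TXE 3.0", "sps 4.0.1.10" (component, major, minor[, hotfix[, build]]).
VERSION_RE = re.compile(r"^\s*(ME|SPS|TXE)\s+(\d+)\.(\d+)(?:\.(\d+))?(?:\.(\d+))?\s*$", re.I)

def parse(line):
    """Parse a version line into (component, major, minor, hotfix, build); ValueError on junk."""
    m = VERSION_RE.match(line)
    if not m:
        raise ValueError(f"unrecognised firmware version line: {line!r}")
    comp, major, minor, hotfix, build = m.groups()
    return comp.upper(), int(major), int(minor), int(hotfix or 0), int(build or 0)

def in_affected_family(comp, major, minor):
    """True if component major.minor is one of the families listed in the advisory."""
    minors = AFFECTED.get(comp, {}).get(major)
    if minors is None:
        return False
    return minors == "x" or minor in minors

def triage(inventory):
    """Map each host in {host: version line} to a human-readable verdict."""
    verdicts = {}
    for host, line in inventory.items():
        try:
            comp, major, minor, _, _ = parse(line)
        except ValueError as e:
            verdicts[host] = f"unparsed ({e})"  # no MEI device, tool output missing, etc.
            continue
        if in_affected_family(comp, major, minor):
            verdicts[host] = f"{comp} {major}.{minor}: affected family, compare against vendor fixed build"
        else:
            verdicts[host] = f"{comp} {major}.{minor}: not on the affected list"
    return verdicts

# Constructed sample inventory; host names and version numbers are hypothetical.
SAMPLE_INVENTORY = {
    "esx01": "ME 11.6.1.1000",   # 11.6 is on the list
    "esx02": "ME 11.8.2.2000",   # 11.8 is not listed in the post
    "srv01": "SPS 4.0.1.10",     # SPS 4.0 is on the list
    "nuc01": "TXE 3.0.5.50",     # TXE 3.0 is on the list
    "old01": "ME 8.1.0.100",     # every 8.x minor is on the list
    "bad01": "no mei device",    # unparsable output is reported, not silently skipped
}

if __name__ == "__main__":
    for host, verdict in triage(SAMPLE_INVENTORY).items():
        print(f"{host}: {verdict}")
```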


Virtualization, Cloud and Storage Architect. Tech Field delegate. VMUG IT Co-Founder and board member. VMware VMTN Moderator and vExpert 2010-24. Dell TechCenter Rockstar 2014-15. Microsoft MVP 2014-16. Veeam Vanguard 2015-23. Nutanix NTC 2014-20. Several certifications including: VCDX-DCV, VCP-DCV/DT/Cloud, VCAP-DCA/DCD/CIA/CID/DTA/DTD, MCSA, MCSE, MCITP, CCA, NPP.