Intel CPUs since Skylake susceptible to USB vulnerability

Discussion in 'Frontpage news' started by Hilbert Hagedoorn, Nov 13, 2017.

  1. Hilbert Hagedoorn

    Hilbert Hagedoorn Don Vito Corleone Staff Member

    Messages:
    37,968
    Likes Received:
    6,744
    GPU:
    AMD | NVIDIA
  2. kruno

    kruno Master Guru

    Messages:
    258
    Likes Received:
    70
    GPU:
    4890/1
    Really nice Intel really nice. And you can't disable that technology otherwise processor will shut down. I hope NSA did pay you more then your customers. We simply need more competition in PC arena be it Russian's or Chine's or heck even our on EU so we can hop between manufactures once they frack up. Hopefully more competition would bring more honesty hopefully:(:(:(
     
  3. RzrTrek

    RzrTrek Ancient Guru

    Messages:
    2,461
    Likes Received:
    676
    GPU:
    RX 580 ❤ MESA 20.0+
    Hopefully this is for the best and will bring positive change.
     
  4. JonasBeckman

    JonasBeckman Ancient Guru

    Messages:
    16,433
    Likes Received:
    2,171
    GPU:
    AMD S. 5700XT Pulse
    Thought it could just be disabled but nope it still runs though not all motherboards use the AMT component (My own uses the 1.5mb firmware which apparently does not have it.) and cleaning it out seems to be a real mess and carries hardware damage risks if done improperly.

    https://www.eff.org/deeplinks/2017/...security-hazard-and-users-need-way-disable-it
    https://github.com/corna/me_cleaner

    Interesting to know a bit more on what that component does though, I knew about the bios firmware (Because it's a bit of a mess to update these and older boards only supports older versions.) but not the extent on how it worked and not that much on the actual software and driver component either, always more to learn it would seem and hopefully Intel can fix the exploit with a newer firmware release.
     

  5. nevcairiel

    nevcairiel Master Guru

    Messages:
    673
    Likes Received:
    224
    GPU:
    MSI 1080 Gaming X
    Its only really relevant for professional-grade setup which actually use the remote-management capability of the ME. Consumer boards do not have this, since you need to pay an additional license fee to Intel to enable it. So while Workstations in Companies might be affected depending on their setup, your usual home PC is not impacted from this.
     
  6. Turanis

    Turanis Ancient Guru

    Messages:
    1,606
    Likes Received:
    317
    GPU:
    Gigabyte RX500
    You can't hide,because of Windows 10 and Intel's Management Engine. (ofc there is also mobile spyware)

    O&O ShutUp 10 Useless.
    They have Intel ME which is hardware spy tool. :banana:

    "Consumer boards do not have this, since you need to pay an additional license fee to Intel to enable it. So while Workstations in Companies might be affected depending on their setup, your usual home PC is not impacted from this." Ofc is bullshit,all computers since 2008 have Intel ME.

    https://semiaccurate.com/2017/05/01/remote-security-exploit-2008-intel-platforms/
     
    Last edited: Nov 13, 2017
  7. mbk1969

    mbk1969 Ancient Guru

    Messages:
    9,103
    Likes Received:
    6,000
    GPU:
    GeForce GTX 1070
    There are two versions of ME firmware - corporate and consumer.
     
    akbaar likes this.
  8. nevcairiel

    nevcairiel Master Guru

    Messages:
    673
    Likes Received:
    224
    GPU:
    MSI 1080 Gaming X
    All Intel boards have some sort of ME, but not all ME is made equal. Consumer boards have a much smaller version of the ME, and even on workstation/server boards the ME can have different features enabled/disabled based on licensing. Intel doesn't give AMT away for free.

    The link you so gratuously provided even explains how only boards with AMT are affected (although its hard to find between all the biased Intel bashing on SA)
     
  9. AlmondMan

    AlmondMan Master Guru

    Messages:
    502
    Likes Received:
    42
    GPU:
    5700 XT Red Dragon
    It might be fixed in the latest version of the firmware. At least that's what the HP updates we roll on to the systems state. And the updates didn't used to yell really loudly about security vulnerabilities in firmware versions...
     
  10. Turanis

    Turanis Ancient Guru

    Messages:
    1,606
    Likes Received:
    317
    GPU:
    Gigabyte RX500
    Yes,yes,graciously provided. :)

    Any Corporation involved in this mass spyware industry do not let users/consumers outside of the spyware box.
    Thats why Intel update IME in feb 2017,because consumers are involved and graciously be in this,they need to be "protected".If you have IME+Vpro supported cpu then ...no comment.
     

  11. akbaar

    akbaar Master Guru

    Messages:
    309
    Likes Received:
    15
    GPU:
    ASUS 2080 STRIX
  12. tsunami231

    tsunami231 Ancient Guru

    Messages:
    10,289
    Likes Received:
    527
    GPU:
    EVGA 1070Ti Black
    if one dont let random usb devices to be attached system it dont mean anything, not so much in corporate environment i guess but knowing what the MEI does is and being out bag at that isnt good cause now those "miscreants" will now be looking for uses of this or find other ways in.

    these days people that find this "exploits" dont report to correct people but just make it know to all and make things worse.
     
  13. fry178

    fry178 Maha Guru

    Messages:
    1,476
    Likes Received:
    200
    GPU:
    FTW Hybrid 2080S
    i still see this more of an issue as something like win "spying" on me.
    first thing i do is check bios for settings and after windows is installed disable the device in DM.
    another reason i'll never run the driver disc from the board/"auto" install crap...
     

Share This Page