Solved: Regarding Intel Management Engine vulnerability - HP Support Community

PaulBouc · ‎01-05-2018

Am looking at all the latest patches and updates in light of new vulnerabilities in all modern CPUs discovered just this week. While doing so, ran into this issue noted on Intel sight and referenced on HP-

HPSBHF03571 rev 2 - Intel Management Engine Cumulative Security update and fix for WPA2 vulnerability

Have downloaded and run associated Discovery Tool and received following output:

Tool Started 1/5/2018 5:11:01 PM
Name: PAUL-PC
Manufacturer: HP-Pavilion
Model: NY591AA-ABA p6267c
Processor Name: Intel(R) Core(TM)2 Quad CPU Q8300 @ 2.50GHz
OS Version: Microsoft Windows 10 Home
Status: Detection Error: This system may be vulnerable, either the Intel(R) MEI/TXEI driver is not installed (available from your system manufacturer) or the system manufacturer does not permit access to the ME/TXE from the host driver.
Tool Stopped

I have also used HP Support Assistant - Maintain - Sofware Updates which states:

Based on the last analysis, your computer is up to date and there are no alerts or tips from HP.

So what am I to conclude?

I am vulnerable or not??
I need the patch or not??

Not sure if this is a BIOS fix, but if I need the patch, is the install process pretty reliable?

I don't want to brick the machine -- not sure I know how to recover that.

Thanks for any insights

Paul

Big_Dave · ‎01-06-2018

@PaulBouc

I suggest that you review the Intel write up about the exposure and how someone could exploit the issue on different PCs even if your PC is not affected according to the information that I posted for you to review and then determine on your own if your PC has the exposure.

HP ENVY 6055, >Custom PC - Z690, i9-12900K, 32GB DDR5 5600, quad NVMe drives 4K screen, NVIDIA 3080 10GB

View solution in original post

Big_Dave · ‎01-05-2018

Hi,

Your PC is 7+ years old and HP may not be providing assistance for all products that are outside of the support period.

Please post the version of the Intel Detection tool that you used.

The security flaw according to this article affects newer processors.

HP ENVY 6055, >Custom PC - Z690, i9-12900K, 32GB DDR5 5600, quad NVMe drives 4K screen, NVIDIA 3080 10GB

PaulBouc · ‎01-06-2018

The Intel Detection Tool I used is:

Intel-SA-00086-CLI Version 1.0.0.152 filename: Intel-SA-00086-console.exe

The best answer would be that my processor is not affected.

My CPU is: Intel(R) Core(TM)2 Quad CPU Q8300@2.5 GHZ 4 CPUs

I also wondered if the compromised subsystem was more an enterprise capability that might not concern home workstations.

With so many recent vulnerabilities discovered, it is difficult to decide what one must do to perform due diligence.

You mentioned my system is 7+ years old and may be beyond the support period. I certainly would not expect HP

to continue providing general support, but might hope that in the case of severe security risks, still cover those types

of issues. E.g., I think Microsoft even recently put out an XP update/patch due to a severe security exposure.

Otherwise, these "old" systems could effectively become unsafe to use in any capacity. I am

not the latest tech junkie and find my 7+ year old quad processor working more than adequate for my needs.

Thank-you for taking time to help me assess this issue.

Big_Dave · ‎01-06-2018

@PaulBouc

I suggest that you review the Intel write up about the exposure and how someone could exploit the issue on different PCs even if your PC is not affected according to the information that I posted for you to review and then determine on your own if your PC has the exposure.

HP ENVY 6055, >Custom PC - Z690, i9-12900K, 32GB DDR5 5600, quad NVMe drives 4K screen, NVIDIA 3080 10GB

Regarding Intel Management Engine vulnerability

Create an account on the HP Community to personalize your profile and ask a question