-
×InformationNeed Windows 11 help?Check documents on compatibility, FAQs, upgrade information and available fixes.
Windows 11 Support Center.
-
×InformationNeed Windows 11 help?Check documents on compatibility, FAQs, upgrade information and available fixes.
Windows 11 Support Center.
- HP Community
- Desktops
- Desktop Wireless and Networking
- Re: HP Omen Intel Management Engine vulnerability
Create an account on the HP Community to personalize your profile and ask a question
11-25-2017 07:26 PM
According to information online, there is a vulnerability in Intel(R) Management Engine that affects my computer.
Are there any updates from HP to fix this?
This is the output from INTEL-SA-00086 Detection Tool:
Based on the analysis performed by this tool: This system is vulnerable.
Explanation:
The detected version of the Intel(R) Management Engine firmware is considered vulnerable for INTEL-SA-00086. Contact your system manufacturer for support and remediation of this system.
For more information refer to the SA-00086 Detection Tool Guide or the Intel security advisory Intel-SA-00086 at the following link: <<< msg board won't let me put in link >>>
INTEL-SA-00086 Detection Tool
Application Version: 1.0.0.128
Scan date: 11/25/2017 6:04:36 PM
Host Computer Information
Name: OMEN-MDO
Manufacturer: HP
Model: 870-120st
Processor Name: Intel(R) Core(TM) i7-6700K CPU @ 4.00GHz
OS Version: Microsoft Windows 10 Pro
Intel(R) ME Information
Engine: Intel(R) Management Engine
Version: 11.0.1.1001
SVN: 1
Copyright(C) 2017, Intel Corporation, All rights reserved.
Solved! Go to Solution.
Accepted Solutions
02-10-2018 10:13 AM
Was not having any luck on this, then noticed the HP Support Assistant icon on my task bar. I used it to update several chipset files
Then I ran the updated INTEL-SA-00086 Detection Tool at https://downloadcenter.intel.com/download/20775/Intel-Chipset-Device-Software-INF-Update-Utility-?pr...
Now I get this info from the Intel tool: This system is not vulnerable. It has already been patched.
(looks like they modified the Intel tool so I cannot copy/paste from it)
I guess HP was getting the fixes out; I just didn't know where to find them.
Thanks!
12-08-2017 09:21 AM
Hi @mdo47 ,
Welcome to HP Forums,
This is a great place to get support, find answers and tips,
Thank you for posting your query, I'll be more than glad to help you out 🙂
As I understand you are facing issues with the Intel Management Engine vulnerability with HP omen.
Follow this link and update the Intel Management Engine Software 11.7.0.1043
Let me know how that pans out.
I hope you have a good day ahead,
And Feel free to ask any other queries as well,
Considering, this forum has some of the best people in the world available and ready to help. 😉
Barachiel
I am an HP Employee
12-08-2017 10:14 AM
Thanks for the reply! I did that; from the prompts it looked like it worked. Then I rebooted just to be sure, and ran the Intel test program again. It gave me exactly the same output and the version number had not changed. Here is a synopsis:
Based on the analysis performed by this tool: This system is vulnerable.
INTEL-SA-00086 Detection Tool
Application Version: 1.0.0.128
Scan date: 12/8/2017 8:57:21 AM
Host Computer Information
Name: OMEN-MDO
Manufacturer: HP
Model: 870-120st
Processor Name: Intel(R) Core(TM) i7-6700K CPU @ 4.00GHz
OS Version: Microsoft Windows 10 Pro
Intel(R) ME Information
Engine: Intel(R) Management Engine
Version: 11.0.1.1001
SVN: 1
I looked at the logs for the device Intel(R) Management Engine Interface; it showed driver version 11.7.0.1040. The last three entries in the log were as follows, including the text Device Updated: false.
I had tried to follow all the install notes etc.
Driver Date: 07/18/2017
Driver Version: 11.7.0.1040
Driver Provider: Intel
Driver Section: TEE_DDI_W10_x64
Driver Rank: 0xFF2001
Matching Device Id: PCI\VEN_8086&DEV_A13A
Outranked Drivers:
Device Updated: false
Parent Device: ACPI\PNP0A08\0
Event 2:
Device PCI\VEN_8086&DEV_A13A&SUBSYS_2B4B103C&REV_31\3&11583659&1&B0 was started.
Driver Name: oem47.inf
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Service: MEIx64
Lower Filters:
Upper Filters:
Event 3:
Driver Management concluded the process to install driver heci.inf_amd64_77f0a47042cd4a88\heci.inf for Device Instance ID PCI\VEN_8086&DEV_A13A&SUBSYS_2B4B103C&REV_31\3&11583659&1&B0 with the following status: 0x0.
Thanks!
Mark
12-08-2017 11:04 AM
12-09-2017 09:57 AM
Once again - thanks for the prompt reply!
I did what was suggested and then repeated the installation for Intel management engine then rebooted. Once again the message from the Intel-SA-0086 detection tool was unchanged.
Then I tried the entire process again but logged in as administrator (I normally log in as an ordinary user for security). Still at the end the Intel detection tool gave the same "system is vulnerable" message and also listed my version of Intel management engine as follows:
Engine: Intel(R) Management Engine
Version: 11.0.1.1001
SVN: 1
I notice that the link you gave for the management engine firmware update was not exactly for the HP Omen desktop I have; the versions for that can be found under "Driver-Chipset" at this location
That location still shows chipset driver versions from March and September of 2016.
Could that be the issue?
02-10-2018 10:13 AM
Was not having any luck on this, then noticed the HP Support Assistant icon on my task bar. I used it to update several chipset files
Then I ran the updated INTEL-SA-00086 Detection Tool at https://downloadcenter.intel.com/download/20775/Intel-Chipset-Device-Software-INF-Update-Utility-?pr...
Now I get this info from the Intel tool: This system is not vulnerable. It has already been patched.
(looks like they modified the Intel tool so I cannot copy/paste from it)
I guess HP was getting the fixes out; I just didn't know where to find them.
Thanks!