• ×
    Information
    Need Windows 11 help?
    Check documents on compatibility, FAQs, upgrade information and available fixes.
    Windows 11 Support Center.
  • post a message
  • ×
    Information
    Need Windows 11 help?
    Check documents on compatibility, FAQs, upgrade information and available fixes.
    Windows 11 Support Center.
  • post a message
Guidelines
Seize the moment! nominate yourself or a tech enthusiast you admire & join the HP Community Experts!
Archived This topic has been archived. Information and links in this thread may no longer be available or relevant. If you have a question create a new topic by clicking here and select the appropriate board.

‎12-19-2017 05:08 PM - edited ‎12-22-2017 04:50 AM

HP Recommended
Product: HP EliteBook 820 G2 Notebook PC
Operating System: Microsoft Windows 7 (64-bit)

As stated on the Intel web page linked below, only 6th, 7th and 8th generation of the Intel Core processor families are affected by the Intel Management Engine vulnerability:

https://www.intel.com/content/www/us/en/support/articles/000025619/software.html

 

However, if I run the utility provided by Intel to check for the vulnerability on a CPU from the 5th generation Intel Core processor family, the utility returns that the system *IS VULNERABLE*. So, the question is, do I need to take action because of this status or am I "home free" due to the fact that the CPU isn't of the 6th, 7th or 8th generation? Or, should the listed CPU families only work as "guidance" and that it might affect even 5th (or other) generations of notebook/desktop CPUs as well?

 

If 5th generation CPUs is not considered vulnerable (even if having Intel ME versions that is within the span of vulnerable versions), why has HP released fixes for models that is based on 5th gen CPUs (for example the HP Elitebook 820 G2)? Is this due to the fact that the support web page linked below also contains a fix for the disclosed WPA2 vulnerability? I.e. the downloadable fix for the 5th gen models mentioned is not in any way related to the Intel ME vulnerability but only the WPA2 vulnerability for certain computer models with older CPUs than the 6th generation?

https://support.hp.com/us-en/document/c05843704

 

The information that can be found is not enough to make a conclusion that is beyond doubt about whether a CPU is vulnerable or not given the fact that the Intel ME “vulnerability scan” utility reports a vulnerable system even on CPU types not listed as vulnerable. It doesn’t make sense and there is some kind of limping logic surrounding it all. It could be more clear and obvious so that people make decisions based on the correct knowledge and not potentially leaving systems vulnerable after reading the information provided by Intel and come to the conclusion that “we don’t have those CPU types mentioned, so we are all safe…” It is crucial to be absolutely sure about what systems are affected or not in order to take action and not just leaving systems vulnerable believing that they are OK.

 

EDIT:

This issue has gotten a clarification on the Intel support forums:

https://communities.intel.com/message/515130

 

Archived This topic has been archived. Information and links in this thread may no longer be available or relevant. If you have a question create a new topic by clicking here and select the appropriate board.
† The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.
Didn't find what you were looking for? Ask the community
† The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the <a href="https://www8.hp.com/us/en/terms-of-use.html" class="udrlinesmall">Terms of Use</a> and <a href="/t5/custom/page/page-id/hp.rulespage" class="udrlinesmall"> Rules of Participation</a>.