Gigabyte rolls out fixes for Intel ME and TXE vulnerabilities

by Mark Tyson on 22 November 2017, 10:31

Tags: Intel (NASDAQ:INTC), Gigabyte (TPE:2376)

Quick Link: HEXUS.net/qadnzf

Add to My Vault: x

We have covered news about the security implications of Intel's Management Engine a couple of times previously this year. Several big companies have worked on disabling this underlying management technology for fear of hacks/leaks and so on and another enterprising company has sought to disable Intel's Management Engine from running on privacy focussed laptops.

A day or two ago Intel announced it had completed a review of its ME firmware and created some fixes for that, as well as for the Intel Server Platform Services (SPS) and Intel Trusted Execution Engine (TXE). There is a (Windows and Linux) tool available from Intel that detects vulnerabilities on your PC. However for Elevation of Privilege fixes you will have to rely upon the service of your motherboard maker or laptop OEM.

I ran the detection tool on my (Haswell i7) desktop and found my system wasn't vulnerable. That's not surprising, as the impacted CPUs were said to include the following:

  • 6th, 7th & 8th Generation Intel Core Processor Family
  • Intel Xeon Processor E3-1200 v5 & v6 Product Family
  • Intel Xeon Processor Scalable Family
  • Intel Xeon Processor W Family
  • Intel Atom C3000 Processor Family
  • Apollo Lake Intel Atom Processor E3900 series
  • Apollo Lake Intel Pentium
  • Celeron N and J series Processors

As per our headline, Gigabyte is among the first of Intel's hardware partners to release fixes for Intel ME and TXE security vulnerabilities. The firm directs customers to its official website to download the latest BIOS versions as well as ME and TXE drivers.

Gigabyte will update its motherboards starting with the Z370 and 200 series, and then work through previous generation motherboards as applicable.



HEXUS Forums :: 3 Comments

Login with Forum Account

Don't have an account? Register today!
This is where I can be smug about getting a thinkpad - the update fixing this was pushed out at the start of november!
Are you sure about that as this support article on lenovo.com covering INTEL-SA-00086 was only published a couple of days ago.
Not 100%. The thinkpad 13 page (under chipset) says that IME version 11.8.50.3399 (which I have installed, and the intel tool says my system is satisfactorily patched) was released for the 13 on the 1st of nov. I don't have anything else tying it to that date however, as I only installed it early on the 21st