Community
cancel
Showing results for 
Search instead for 
Did you mean: 
idata
Community Manager
1,034 Views

Intel AMT Firmware drivers vulnerability issue

Hello guys,

I want to confirm if a machine has the Firmware driver that is considered vulnerable (X.X.XX.1XXX) and a MEI (Intel Management Engine Components Driver) driver installed,

is it still considered vulnerable to the local security issue and does step 2 from the mitigation guide(disabling/removing the LMS service) still needs to be followed?

Also is the Intel management and security application local management service (LMS) installed with the MEI drivers? And if removed would the MEI drivers need to be reinstalled?

Thank you.

0 Kudos
1 Reply
MichaelA_Intel
Moderator
127 Views

MartinKaldramov

Thank you for your query. For more details on the security vulnerability, you can refer to the security advisory here:

https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00075&languageid=en-fr https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00075&languageid=en-fr

Breaking down your questions:

I want to confirm if a machine has the Firmware driver that is considered vulnerable (X.X.XX.1XXX) and a MEI (Intel Management Engine Components Driver) driver installed,

is it still considered vulnerable to the local security issue?

Take the following steps to mitigate the risk of your systems being compromised:

1. Unprovisioned your system using the /full flag through ACUConfig.exe

2. Patched your system with the updated firmware fix

and does step 2 from the mitigation guide(disabling/removing the LMS service) still needs to be followed?

All the steps need to be followed in the mitigation guide.

Also is the Intel management and security application local management service (LMS) installed with the MEI drivers?

Yes

And if removed would the MEI drivers need to be reinstalled?

Yes

Reply