
OpenSSL vulnerability in icls driver version 1.71.99.0

MaximvL
Beginner

According to Microsoft Defender, the icls driver installed on 80% of our devices uses OpenSSL version 3.0.12. This version has known vulnerabilities.

The driver version is 1.71.99.0, which is the latest from Windows Update and also the latest I can find on the Intel site (https://www.intel.com/content/www/us/en/download/682431/intel-management-engine-drivers-for-windows-10-and-windows-11.html?wapkw=intel%20r%20icss%20client).

Is there a newer version which I missed? If not, when can we expect an updated driver package?

0 Kudos
7 Replies
ACarmona_Intel
Moderator

Hello MaximvL,


Thank you for posting in our communities. 


I will raise the case with our engineers so they can provide us with the correct information.


I'll post the response to this thread here once it is available.

 

Thank you for your patience and understanding! 



Best regards, 

Carmona A.

Intel Customer Support Technician


0 Kudos
ACarmona_Intel
Moderator

Hello MaximvL,


Thank you so much for patiently waiting on our response.


In order to delve deeper into this issue, we would like to ask about the specific make and model of your system, as well as your processor model.


Additionally, if you wish to report any security vulnerabilities related to Intel® products, we encourage you to check out our article titled 'How Do I Report Security and Vulnerability Issues Related to Intel® Products?' for detailed guidance.

 

We look forward to your response!


Best regards,

Carmona A.

Intel Customer Support Technician


0 Kudos
ACarmona_Intel
Moderator

Hello MaximvL,


We are checking in with you to see if you already have the answers to our questions so we can further isolate our issue.


Thank you, and have a great day!


Best regards,

Carmona A.

Intel Customer Support Technician


0 Kudos
MaximvL
Beginner

Carmona,

 

We have dozens of models with this issue, e.g. Dell Latitude 5540 13th Gen Intel(R) Core(TM) i5-1335U.

I will send a mail as detailed in the link you sent.

0 Kudos
ACarmona_Intel
Moderator

Hello MaximvL,


Thank you so much for providing us with the details that we have requested. It is highly noted.


Yes, please do send an email using the link that we have provided so the right team can provide you with appropriate assistance regarding the security and vulnerability related to our Intel products.


By the way, I will now raise the case again with our engineers so they can thoroughly investigate the issue and provide us with a recommendation.


I will get back to you as soon as I have our engineers' response.


Again, thank you so much for your patience. 



Best regards,

Carmona A.

Intel Customer Support Technician


0 Kudos
Account2241
Beginner

Same issue here with several hundred Microsoft Surface Laptop and Surface Pro devices.

 

Specifically, the vulnerability is with the below files under folder c:\windows\system32\driverstore\filerepository\ that are part of the Intel ICLS driver packages installed on these devices:

 

libssl-1_1-x64.dll

libcrypto-1_1-x64.dll

libssl-3-x64.dll

libcrypto-3-x64.dll

 

Many devices have two versions of the Intel ICLS drivers within c:\windows\system32\driverstore\filerepository\ - one version with OpenSSL 1.1.1.0 DLLs and another with OpenSSL 3.0.11.0 DLLs.

 

Installing the current Intel ME driver package using the installer linked in the original post does not uninstall the old versions. There is also no entry in Add/Remove Programs to uninstall the older versions of ICLS.

 

What is the recommended method for removing old versions of Intel ICLS drivers from multiple devices?

0 Kudos
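A read-only inventory of the situation described in the post above, as an added example that is not part of the original thread and is not Intel or Microsoft tooling: it lists each of the four named OpenSSL DLLs found under the DriverStore, the file version stamped on it, and the driver package it belongs to. It assumes an elevated PowerShell session (Get-WindowsDriver needs administrator rights) and that the DLLs carry a version resource; the variable names and the output file name are illustrative.

```powershell
# Added example: inventory OpenSSL DLLs staged inside DriverStore packages.
# Read-only. Nothing is removed or modified.
$repo  = Join-Path $env:windir 'System32\DriverStore\FileRepository'

# DLL names as listed in the post above.
$names = 'libssl-1_1-x64.dll', 'libcrypto-1_1-x64.dll',
         'libssl-3-x64.dll',   'libcrypto-3-x64.dll'

# Map each staged package folder to its published name (oemNN.inf).
$published = @{}
Get-WindowsDriver -Online | ForEach-Object {
    $folder = Split-Path (Split-Path $_.OriginalFileName -Parent) -Leaf
    $published[$folder] = $_
}

$report = Get-ChildItem -Path $repo -Recurse -File -Include $names -ErrorAction SilentlyContinue |
    ForEach-Object {
        # The package folder is the first path component below FileRepository.
        $relative = $_.FullName.Substring($repo.Length).TrimStart('\')
        $folder   = $relative.Split('\')[0]
        $driver   = $published[$folder]   # $null if the package is not listed
        [pscustomobject]@{
            Computer      = $env:COMPUTERNAME
            PackageFolder = $folder
            PublishedName = $driver.Driver
            Provider      = $driver.ProviderName
            DriverVersion = $driver.Version
            Dll           = $_.Name
            FileVersion   = $_.VersionInfo.FileVersion
            Path          = $_.FullName
        }
    }

$report | Sort-Object PackageFolder, Dll |
    Format-Table -AutoSize PackageFolder, PublishedName, DriverVersion, Dll, FileVersion

# Flag INFs that are staged in more than one package folder (old and new side by side).
$report | Group-Object { ($_.PackageFolder -split '\.inf_')[0] } |
    ForEach-Object {
        $folders = @($_.Group.PackageFolder | Select-Object -Unique)
        if ($folders.Count -gt 1) {
            '{0}.inf is staged in {1} package folders: {2}' -f $_.Name, $folders.Count, ($folders -join ', ')
        }
    }

# Per-device CSV for collection across a fleet (illustrative file name).
$report | Export-Csv -NoTypeInformation -Path ".\openssl-driverstore-$env:COMPUTERNAME.csv"
```

The PublishedName column gives the oemNN.inf identifier under which Windows tracks each staged package, which makes it possible to tell which package a scanner finding on a given DLL path belongs to.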
ACarmona_Intel
Moderator

Hello MaximvL,


Thank you for patiently waiting on our response.


Please continue to contact the Intel Product Security Incident Response Team for your concern; they will provide you with the appropriate recommendation that you need.


You may use this thread as a reference once you have contacted them.


By the way, we will now be closing this case. For additional information, please submit a new question, as this thread will no longer be monitored.

 


Best regards,

Carmona A.

Intel Customer Support Technician


0 Kudos