• Intel Vulnerabilities-How worried should I be?

    Home » Forums » Cyber Security Information and Advisories » Code Red – Security/Privacy advisories » Intel Vulnerabilities-How worried should I be?

    Tags:

    Author
    Topic
    Mike
    AskWoody Plus
    February 3, 2020 at 10:17 pm #2125348

    Hello:

    I’ve got a pretty new processor (well that’s relative).  It’s an Intel Core i9-9900-x

    So, Intel has a list of possible processor vulnerabilities, but beyond all the technical talk, I can’t figure out just how these vulnerabilities might affect me……if ever at all in a real life home user situation.  It’s incredibly overwhelming.  Any general insight would be helpful.

    Thanks,  Mike

    Clip of the list for my processor
    INTEL-SA-00241
    Multiple potential security vulnerabilities in Intel® Converged Security and Management Engine (Intel® CSME), Intel® Server Platform Services, Intel® Trusted Execution Engine, and Intel® Active Management Technology
    Support Information
    November 12, 2019

    INTEL-SA-00213
    Multiple potential security vulnerabilities in Intel® Converged Security and Management Engine (Intel® CSME), Intel® Server Platform Services, Intel® Trusted Execution Engine, and Intel® Active Management Technology
    Support Information
    May 14, 2019

    INTEL-SA-00185
    Multiple potential security vulnerabilities in Intel® Converged Security and Management Engine (Intel® CSME), Intel® Server Platform Services, Intel® Trusted Execution Engine, and Intel® Active Management Technology
    Support Information
    March 3, 2019

    INTEL-SA-00142
    Intel® Platform Trust Technology (Intel® PTT) Update Advisor
    Support Information
    August 27, 2018

    INTEL-SA-00141
    Intel® Active Management Technology 9.x-12.x Cumulative Update Advisory
    Support Information
    August 27, 2018

    INTEL-SA-00125
    Intel® Converged Security and Management Engine (Intel® CSME) Assets Advisory
    Support Information
    August 27, 2018

    INTEL-SA-00131
    Power Management Controller Security Advisory
    Support Information
    August 27, 2018

    INTEL-SA-00118
    Intel CSME 11.x Advisory
    Support Information
    July 16, 2018

    INTEL-SA-00112
    Q2’18 Intel® AMT/Intel CSME 9.x/10.x/11.x Security Advisory
    Support Information
    July 16, 2018

    INTEL-SA-00101
    Intel AMT WPA2 Advisory
    Support Information
    January 11, 2018

    INTEL-SA-00086
    Q3’17 Intel AMT/Intel CSME 6.x/7.x/8.x/9.x/10.x/11.x, SPS 4.0, and Intel® Trusted Execution Engine (Intel® TXE) 3.0 Security Advisory
    Support Information
    December 10, 2017

    INTEL-SA-00075

    Intel® Active Management Technology, Intel® Small Business Technology, and Intel® Standard Manageability Escalation of Privilege Advisory
    Support Information
    May 17, 2017

    Major EDIT – html to text (if copy>pasting on the Visual Tab, please make sure you use the PASTE AS TEXT option)

    Reply | Quote
    Viewing 4 reply threads
    Author
    Replies
    • Kirsty
      Manager
      February 3, 2020 at 10:28 pm #2132285

      SA-00086 has been discussed on AskWoody when it was first reported. Follow the links in that post for further relevant AskWoody topics.

      Reply | Quote
    • Mike
      AskWoody Plus
      February 3, 2020 at 10:52 pm #2132791

      Thanks Kirsty,

      (Sorry about the paste above that had to be fixed.  Thanks.)

      That’s a good post/thread with better information than Intel’s.

      1.  What I can’t figure out is if I have a i9-9900-x processor, isn’t that a 9th generation ?  If so then it doesn’t appear to be on the list.  However I do have the Intel MEI software (why I don’t know) which seems to work with the processor.

      2.  I’ve used the Intel Detection Tool (CSME) and it reports back “May be vulnerable” which is one of three output states (Vulnerable, May be Vulnerable and Not Vulnerable).  That report is worthless to me.

      That’s why I’m confused on this issue.

      I’d appreciate any other ideas.

      Mike

      Reply | Quote
      • Kirsty
        Manager
        February 4, 2020 at 1:09 am #2134597
        Mike wrote:

        What I can’t figure out is if I have a i9-9900-x processor, isn’t that a 9th generation ?

        Here’s how to make sense of processor details:
        About Intel® Processor Numbers

        I can see “i9-9900” listed there as 9th generation, but the “-x” isn’t shown (it’s an Intel® Core™ X-series processor, which have a different system). An i9-9900 x-series is a Skylake (6th generation).

        2 users thanked author for this post.
        Lars220, Pim
        Reply | Quote
    • Kathy Stevens
      AskWoody Plus
      February 3, 2020 at 11:28 pm #2133786

      Try running the Intel® Driver & Support Assistant that is available at https://www.intel.com/content/www/us/en/support/intel-driver-support-assistant.html

      1 user thanked author for this post.
      Lars220
      Reply | Quote
    • Mike
      AskWoody Plus
      February 3, 2020 at 11:43 pm #2134155

      Good point Kathy.  Just ran it and it just showed updates for Bluetooth and Thunderbolt.  Nothing else I could see.  Perhaps I’m not looking in the right place ?

      Reply | Quote
      • Paul T
        AskWoody MVP
        February 4, 2020 at 2:17 am #2134606

        If the updates are not offered by the Intel utility you don’t need them.

        The vulnerabilities you have listed are mainly management system problems and these can only be attacked from your local network, not the internet – assuming a standard router.
        Make sure your AV is up to date and make a regular backup, then you can relax knowing you can easily recover.

        cheers, Paul

        Reply | Quote
    • Mike
      AskWoody Plus
      February 4, 2020 at 4:06 pm #2134931

      Thanks everyone for the advice and points.

      Let me say that the value of this forum and the people here is top notch.  If you’ve every contacted a MB or processor manufacturer…..or for that matter tried clicking on endless link and reading documents that link around to the same ones………..you know the frustration.

      Reply | Quote
    Viewing 4 reply threads
    Reply To: Intel Vulnerabilities-How worried should I be?

    You can use BBCodes to format your content.
    Your account can't use all available BBCodes, they will be stripped before saving.

    Your information:




DON'T MISS OUT!
Subscribe to the Free Newsletter
We promise not to spam you. Unsubscribe at any time.
Invalid email address

View the Forum

  • Recent Replies
  • My Replies
  • My Active Topics
  • New Posts in the Last day
  • Private Messages
  • Knowledge Base
  • How to use the Forums
  • All Forums

    • Recent Topics

    My Profile

    March 2025
    S M T W T F S
     1
    2345678
    9101112131415
    16171819202122
    23242526272829
    3031  

    Want to Advertise in the free newsletter? How about a gift subscription in honor of a birthday? Send an email to sb@askwoody.com to ask how.

    Mastodon profile for DefConPatch
    Mastodon profile for AskWoody

     

    Home About FAQ Posts & Privacy Forums My Account
    Register Free Newsletter Plus Membership Gift Certificates MS-DEFCON Alerts

    Copyright ©2004-2025 by AskWoody Tech LLC. All Rights Reserved.