Intel sa_00086 vulnerability

Brian Robbins
Brian Robbins New Member Posts: 4
edited December 2017 in UP Squared BIOS & FPGA
Just learned of this new threat vector, ran intel's scan. This was output :

Manufacturer: AAEON
Model: UP-APL01
Processor Name: Intel(R) Pentium(R) CPU N4200 @ 1.10GHz
OS Version: Ubuntu 17.10 artful (4.13.0-17-generic)

*** Intel(R) ME Information ***
Engine: Intel(R) Trusted Execution Engine
Version: 3.0.13.1144
SVN: 0

*** Risk Assessment ***
Based on the analysis performed by this tool: This system is vulnerable.
Explanation:
The detected version of the Intel(R) Trusted Execution Engine firmware is considered vulnerable for INTEL-SA-00086.
Contact your system manufacturer for support and remediation of this system.


For more information refer to the SA-00086 Detection Tool Guide or the Intel security advisory Intel-SA-00086 at the following link:
https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00086&languageid=en-fr

So I'm wondering what steps to take.

Edit two weeks later:
Hard to believe in this day and time that UP/AAEON won't even comment on this!?

Comments