Security Issue - Intel management Engine (Intel-SA-00086)

Hi.

Honestly, if you don't understand Intel's documentation, best would be to just use the test tool and if if finds your system is vulnerable, just install the patch. The intel ME is a very, very complicated matter, because intel does not offer documentation for it. But yes, it is dangerous, if you are affected.

If you need to test a whole network, I can offer a script for that.

Thanks for your prompt reply McKnife. Would really appreciate if you could share that script.

I will send me a reminder to my office and offer it within 12 hours. It uses the command line, so you can use is as a startup script that computers execute at boot time.

Sounds good.  If I may ask, do you have similar script that can push out the 2 patches released by Intel - the FW and Driver in my  network.

Yes, I have, but that will only work for certain hardware in my office and not in general. But it will give you an idea - will share as well.

Thank you so much.  Highly appreciated.

You are welcome. Feel free to ask for further advice.

Edit: The english string to look for is of course "This system is vulnerable". Sorry for that and please verify it.

Will do. Thanks once again.